RHSA-2023_6901
Vulnerability from csaf_redhat - Published: 2023-11-14 15:24 - Updated: 2024-12-04 07:34Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: tun: double free in tun_free_netdev (CVE-2022-4744)
* kernel: net/sched: cls_u32 component reference counter leak (CVE-2023-3609)
* kernel: net/sched: sch_qfq vulnerability (CVE-2023-3611)
* kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)
* kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)
* kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)
* kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
* kernel: use-after-free and info leak in l2cap_conn_del and l2cap_parse_conf_req (CVE-2022-3640, CVE-2022-42895)
* kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)
* kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)
* hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)
* kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)
* kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)
* kernel: speculative pointer dereference in do_prlimit in kernel/sys.c (CVE-2023-0458)
* kernel: use-after-free in qdisc_graft (CVE-2023-0590)
* kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)
* kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)
* kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)
* kernel: hid: Use After Free in asus_remove (CVE-2023-1079)
* kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)
* kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)
* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)
* kernel: denial of service in tipc_conn_close (CVE-2023-1382)
* kernel: Use after free bug in btsdio_remove (CVE-2023-1989)
* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)
* kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)
* kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)
* kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)
* kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)
* kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)
* kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (CVE-2023-4732)
* Kernel: denial of service in atm_tc_enqueue (CVE-2023-23455)
* kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)
* kernel: Denial of service issue in az6027 driver (CVE-2023-28328)
* kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)
* kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)
* kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)
* kernel: saa7134: race condition in saa7134_finidev (CVE-2023-35823)
* kernel: dm1105: race condition in dm1105_remove.c (CVE-2023-35824)
* kernel: r592: race condition in r592_remove (CVE-2023-35825)
* kernel: net/tls: tls_is_tx_ready checked list_entry (CVE-2023-1075)
* kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)
* kernel: Use after free in r592_remove (CVE-2023-3141)
* kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)
For more details about the security issue(s), refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An out-of-bounds write flaw was found in the Linux kernel’s Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent the module atlantic from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
A vulnerability was found in intr_callback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by preventing the affected Realtek RTL8152/RTL8153 Based USB Ethernet Adapters (r8152) kernel module from loading during the boot time. Ensure the module is added into the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A vulnerability was found in the Linux Kernel in the l2cap_conn_del in net/bluetooth/l2cap_core.c function in the Bluetooth component. This issue leads to a use-after-free problem.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent the tun module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A double-free flaw was found in the Linux kernel's USB2CAN interface implementation. This issue could allow a local user to crash the system.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent module usb_8dev from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_cmd_res_check. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the vmwgfx kernel module. For instructions relating to blacklisting a kernel module, please see https://access.redhat.com/solutions/41278.
A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the vmwgfx kernel module. For instructions relating to blacklisting a kernel module, please see https://access.redhat.com/solutions/41278.
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
The vulnerability can be mitigated by installing the CPU microcode package microcode_ctl version 20230808.
An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_req function. An attacker with physical access within the range of standard Bluetooth transmission could use this flaw to leak kernel pointers via Bluetooth if within proximity of the victim.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This vulnerability can be mitigated by disabling the nested virtualization feature.
For Intel:
```
# modprobe -r kvm_intel
# modprobe kvm_intel nested=0
```
For AMD:
```
# modprobe -r kvm_amd
# modprobe kvm_amd nested=0
```
A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusb_dec_exit_dvb() function because of the lack of a dvb_frontend_detach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a denial of service condition.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the `ttusb_dec` kernel module. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.
A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A possible unauthorized memory access flaw was found in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stack(s) or other important data. This issue could allow a local user to gain access to some important data with expected location in memory.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.
6.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent module sctp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A memory leak flaw was found in the Linux kernel's TLS protocol. This issue could allow a local user unauthorized access to some memory.
CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A use-after-free flaw was found in asus_kbd_backlight_set in drivers/hid/hid-asus.c in the Linux Kernel. This issue could allow an attacker to crash the system when plugging in or disconnecting a malicious USB device, which may lead to a kernel information leak problem.
6.8 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by preventing the affected ASUS HID driver (for notebook built-in keyboard) module from loading during the boot time, ensure the module is added into the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A use-after-free flaw was found in the Linux kernel's integrated infrared receiver/transceiver driver. This issue occurs when a user detaches a rc device. This could allow a local user to crash the system or potentially escalate their privileges on the system.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent module ene_ir from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
5.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
https://access.redhat.com/solutions/30453
A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by preventing the affected transparent inter-process communication (TIPC) protocol kernel module from loading during the boot time. Ensure the module is added into the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by preventing the affected APM X-Gene SoC HW monitor kernel driver (apm_xgene) from loading during the boot time. Ensure the module is added into the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. A call to btsdio_remove with an unfinished job may cause a race problem which leads to a UAF on hdev devices.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by preventing the affected Generic Bluetooth SDIO driver kernel module from loading during the boot time. Ensure the module is added into the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
It was found that the Linux Kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The kernel failed to protect applications that attempted to protect against Spectre v2 leaving them open to attack from other processes running on the same physical core in another hyperthread.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by disabling Simultaneous Multithreading (SMT). For instructions on how to disable SMT in RHEL, please see https://access.redhat.com/solutions/rhel-smt.
A flaw was found in the Linux Kernel, leading to a denial of service. This issue occurs due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing a font->width and font->height greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. This flaw allows a privileged local user to cause a kernel panic.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information.
6.0 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A double-free flaw was found in u32_set_parms in net/sched/cls_u32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent module cls_u32 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
An out-of-bounds memory write flaw was found in qfq_change_agg in net/sched/sch_qfq.c in the Traffic Control (QoS) subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is to skip loading the affected module sch_qfq onto the system until we have a fix available. This can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.
~~~
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system. Similar CVE-2023-4128 was rejected as a duplicate.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically.
~~~
https://access.redhat.com/solutions/41278
~~~
There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system. Similar CVE-2023-4128 was rejected as a duplicate.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically.
~~~
https://access.redhat.com/solutions/41278
~~~
There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system. Similar CVE-2023-4128 was rejected as a duplicate.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically.
~~~
https://access.redhat.com/solutions/41278
~~~
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
A possible workaround is disabling Transparent Hugepage
A denial of service flaw was found in atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results.
4.2 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
The mitigation is to disable unprivileged user namespaces by setting user.max_user_namespaces to 0:
```
# echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf
# sysctl -p /etc/sysctl.d/userns.conf
```
A double-free flaw was found in the Linux kernel when the MPLS implementation handled sysctl allocation failures. This issue could allow a local user to cause a denial of service or possibly execute arbitrary code.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A buffer overflow write flaw was identified in seq_buf_putmem_hex in lib/seq_buf.c in seq_buf in the Linux Kernel. This issue may allow a user with special debug privileges such as ftrace or root to cause an overflow in the destination buffer due to a missing sanity check.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the KVM's Intel nested virtualization feature (nVMX). The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest to crash the host system, causing a denial of service.
6.0 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This vulnerability can be mitigated by disabling the nested virtualization feature:
```
# modprobe -r kvm_intel
# modprobe kvm_intel nested=0
```
A potential deadlock flaw was found in the Linux’s kernel DVB API (used by Digital TV devices) functionality. This flaw allows a local user to crash the system.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control (QoS) subsystem in how a user triggers the qfq_change_class function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on the system.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
To mitigate this issue, prevent the module, sch_qfq from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
A race condition vulnerability was found in the Linux kernel's Qualcomm EMAC Gigabit Ethernet Controller when the user physically removes the device before cleanup in the emac_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.
A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
Workaround
This flaw can be mitigated by preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.
A race condition was found in the Linux kernel's saa7134 device driver. This occurs when removing the module before cleanup in the saa7134_finidev function which can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A race condition was found in the Linux kernel's dm1105 device driver when removing the module before cleanup in the dm1105_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
A race condition was found in the Linux kernel's r592 device driver, when removing the module before cleanup in the r592_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2023:6901
References
Acknowledgments
Google Project Zero
Jann Horn
Duoming Zhou
Wei Chen
Weiteng Chen. University of California, Riverside.
Sanan Hasanov
ZJU & Ant Security Light-Year Lab
Lin Ma
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: tun: double free in tun_free_netdev (CVE-2022-4744)\n\n* kernel: net/sched: cls_u32 component reference counter leak (CVE-2023-3609)\n\n* kernel: net/sched: sch_qfq vulnerability (CVE-2023-3611)\n\n* kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)\n\n* kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)\n\n* kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)\n\n* kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)\n\n* kernel: use-after-free and info leak in l2cap_conn_del and l2cap_parse_conf_req (CVE-2022-3640, CVE-2022-42895)\n\n* kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)\n\n* kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)\n\n* hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)\n\n* kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)\n\n* kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)\n\n* kernel: speculative pointer dereference in do_prlimit in kernel/sys.c (CVE-2023-0458)\n\n* kernel: use-after-free in qdisc_graft (CVE-2023-0590)\n\n* kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)\n\n* kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)\n\n* kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)\n\n* kernel: hid: Use After Free in asus_remove (CVE-2023-1079)\n\n* kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)\n\n* kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)\n\n* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)\n\n* kernel: denial of service in tipc_conn_close (CVE-2023-1382)\n\n* kernel: Use after free bug in btsdio_remove (CVE-2023-1989)\n\n* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)\n\n* kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)\n\n* kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)\n\n* kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)\n\n* kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)\n\n* kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)\n\n* kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (CVE-2023-4732)\n\n* Kernel: denial of service in atm_tc_enqueue (CVE-2023-23455)\n\n* kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)\n\n* kernel: Denial of service issue in az6027 driver (CVE-2023-28328)\n\n* kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)\n\n* kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)\n\n* kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)\n\n* kernel: saa7134: race condition in saa7134_finidev (CVE-2023-35823)\n\n* kernel: dm1105: race condition in dm1105_remove.c (CVE-2023-35824)\n\n* kernel: r592: race condition in r592_remove (CVE-2023-35825)\n\n* kernel: net/tls: tls_is_tx_ready checked list_entry (CVE-2023-1075)\n\n* kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)\n\n* kernel: Use after free in r592_remove (CVE-2023-3141)\n\n* kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)\n\nFor more details about the security issue(s), refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6901",
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7027704",
"url": "https://access.redhat.com/solutions/7027704"
},
{
"category": "external",
"summary": "2024989",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024989"
},
{
"category": "external",
"summary": "2073091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073091"
},
{
"category": "external",
"summary": "2133453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133453"
},
{
"category": "external",
"summary": "2133455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133455"
},
{
"category": "external",
"summary": "2139610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139610"
},
{
"category": "external",
"summary": "2147356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147356"
},
{
"category": "external",
"summary": "2148520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148520"
},
{
"category": "external",
"summary": "2149024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149024"
},
{
"category": "external",
"summary": "2151317",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151317"
},
{
"category": "external",
"summary": "2156322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156322"
},
{
"category": "external",
"summary": "2165741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165741"
},
{
"category": "external",
"summary": "2165926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165926"
},
{
"category": "external",
"summary": "2168332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168332"
},
{
"category": "external",
"summary": "2173403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173403"
},
{
"category": "external",
"summary": "2173430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173430"
},
{
"category": "external",
"summary": "2173434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173434"
},
{
"category": "external",
"summary": "2173444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173444"
},
{
"category": "external",
"summary": "2174400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174400"
},
{
"category": "external",
"summary": "2175903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175903"
},
{
"category": "external",
"summary": "2176140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
},
{
"category": "external",
"summary": "2177371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177371"
},
{
"category": "external",
"summary": "2177389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177389"
},
{
"category": "external",
"summary": "2181330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181330"
},
{
"category": "external",
"summary": "2182443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182443"
},
{
"category": "external",
"summary": "2184578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184578"
},
{
"category": "external",
"summary": "2185945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185945"
},
{
"category": "external",
"summary": "2187257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187257"
},
{
"category": "external",
"summary": "2188468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188468"
},
{
"category": "external",
"summary": "2192667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192667"
},
{
"category": "external",
"summary": "2192671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192671"
},
{
"category": "external",
"summary": "2193097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193097"
},
{
"category": "external",
"summary": "2193219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193219"
},
{
"category": "external",
"summary": "2213139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213139"
},
{
"category": "external",
"summary": "2213199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213199"
},
{
"category": "external",
"summary": "2213485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485"
},
{
"category": "external",
"summary": "2213802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213802"
},
{
"category": "external",
"summary": "2214348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214348"
},
{
"category": "external",
"summary": "2215502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215502"
},
{
"category": "external",
"summary": "2215835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215835"
},
{
"category": "external",
"summary": "2215836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215836"
},
{
"category": "external",
"summary": "2215837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215837"
},
{
"category": "external",
"summary": "2218195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218195"
},
{
"category": "external",
"summary": "2218212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218212"
},
{
"category": "external",
"summary": "2218943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218943"
},
{
"category": "external",
"summary": "2219530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219530"
},
{
"category": "external",
"summary": "2221707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221707"
},
{
"category": "external",
"summary": "2223949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223949"
},
{
"category": "external",
"summary": "2225191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225191"
},
{
"category": "external",
"summary": "2225201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225201"
},
{
"category": "external",
"summary": "2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "2236982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236982"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6901.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-04T07:34:02+00:00",
"generator": {
"date": "2024-12-04T07:34:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:6901",
"initial_release_date": "2023-11-14T15:24:26+00:00",
"revision_history": [
{
"date": "2023-11-14T15:24:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-14T15:24:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-04T07:34:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"product": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"product_id": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-513.5.1.rt7.307.el8_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-43975",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024989"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the Linux kernel\u2019s Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43975"
},
{
"category": "external",
"summary": "RHBZ#2024989",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024989"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43975",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43975"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496"
}
],
"release_date": "2021-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module atlantic from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c"
},
{
"cve": "CVE-2022-3594",
"cwe": {
"id": "CWE-779",
"name": "Logging of Excessive Data"
},
"discovery_date": "2022-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2149024"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in intr_callback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Rate limit overflow messages in r8152 in intr_callback",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3594"
},
{
"category": "external",
"summary": "RHBZ#2149024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149024"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3594"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3594",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3594"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93e2be344a7db169b7119de21ac1bf253b8c6907",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93e2be344a7db169b7119de21ac1bf253b8c6907"
}
],
"release_date": "2022-10-02T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected Realtek RTL8152/RTL8153 Based USB Ethernet Adapters (r8152) kernel module from loading during the boot time. Ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Rate limit overflow messages in r8152 in intr_callback"
},
{
"cve": "CVE-2022-3640",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2139610"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux Kernel in the l2cap_conn_del in net/bluetooth/l2cap_core.c function in the Bluetooth component. This issue leads to a use-after-free problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3640"
},
{
"category": "external",
"summary": "RHBZ#2139610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139610"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3640",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3640"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979"
}
],
"release_date": "2022-10-17T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2022-4744",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2022-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156322"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the Linux kernel\u2019s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tun: avoid double free in tun_free_netdev",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Keeping Red Hat Enterprise Linux version 8 with Moderate severity, because required patch 158b515f703e (see reference) missed. However, currently Red Hat Enterprise Linux version 8 not affected, because previous patch not backported too: 766b0515d5be (\"net: make sure devices go through netdev_wait_all_refs\"). Means that it is not possible to trigger the issue for the Red Hat Enterprise Linux 8, but potentially Red Hat Enterprise Linux version 8 could be vulnerable in future, so still need to fix. For the Red Hat Enterprise Linux version 9 there is known way to reproduce the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4744"
},
{
"category": "external",
"summary": "RHBZ#2156322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4744"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=158b515f703e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=158b515f703e"
}
],
"release_date": "2023-03-20T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the tun module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tun: avoid double free in tun_free_netdev"
},
{
"cve": "CVE-2022-28388",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073091"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the Linux kernel\u0027s USB2CAN interface implementation. This issue could allow a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Moderate because this case doesn\u0027t lead to a kernel crash as result of the pointers reference check preventing actual second memory free. The only known attack scenario is the possibility of a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28388"
},
{
"category": "external",
"summary": "RHBZ#2073091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073091"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28388"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module usb_8dev from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c"
},
{
"cve": "CVE-2022-38457",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-09-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2133455"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s vmwgfx driver in vmw_cmd_res_check. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: use-after-free in vmw_cmd_res_check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Systems making use of the vmwgfx driver are potentially affected by this flaw; systems without the vmwgfx driver loaded are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38457"
},
{
"category": "external",
"summary": "RHBZ#2133455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38457"
}
],
"release_date": "2022-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the vmwgfx kernel module. For instructions relating to blacklisting a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: use-after-free in vmw_cmd_res_check"
},
{
"cve": "CVE-2022-40133",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-09-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2133453"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s vmwgfx driver in vmw_execbuf_tie_context. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Systems making use of the vmwgfx driver are potentially affected by this flaw; systems without the vmwgfx driver loaded are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40133"
},
{
"category": "external",
"summary": "RHBZ#2133453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40133"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40133",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40133"
}
],
"release_date": "2022-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the vmwgfx kernel module. For instructions relating to blacklisting a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context"
},
{
"cve": "CVE-2022-40982",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2223949"
}
],
"notes": [
{
"category": "description",
"text": "A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Intel: Gather Data Sampling (GDS) side channel vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40982"
},
{
"category": "external",
"summary": "RHBZ#2223949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223949"
},
{
"category": "external",
"summary": "RHSB-7027704",
"url": "https://access.redhat.com/solutions/7027704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40982",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40982"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
}
],
"release_date": "2023-08-08T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "The vulnerability can be mitigated by installing the CPU microcode package microcode_ctl version 20230808.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Intel: Gather Data Sampling (GDS) side channel vulnerability"
},
{
"cve": "CVE-2022-42895",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2147356"
}
],
"notes": [
{
"category": "description",
"text": "An information leak vulnerability was found in the Linux kernel\u0027s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_req function. An attacker with physical access within the range of standard Bluetooth transmission could use this flaw to leak kernel pointers via Bluetooth if within proximity of the victim.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this flaw as it did not include support for parsing Extended Flow Specification option in L2CAP Config Request (upstream commit 42dceae2).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42895"
},
{
"category": "external",
"summary": "RHBZ#2147356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42895"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-vccx-8h74-2357",
"url": "https://github.com/google/security-research/security/advisories/GHSA-vccx-8h74-2357"
}
],
"release_date": "2022-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c"
},
{
"cve": "CVE-2022-45869",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2022-11-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151317"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: x86/mmu: race condition in direct_page_fault()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nested virtualization feature is not enabled by default up to Red Hat Enterprise Linux 8.4. Most importantly, Red Hat currently provides nested virtualization only as a Technology Preview and is therefore unsupported for production use. For additional details, please see https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45869"
},
{
"category": "external",
"summary": "RHBZ#2151317",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151317"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45869"
}
],
"release_date": "2022-11-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This vulnerability can be mitigated by disabling the nested virtualization feature.\n\nFor Intel:\n```\n# modprobe -r kvm_intel\n# modprobe kvm_intel nested=0\n```\n\nFor AMD:\n```\n# modprobe -r kvm_amd\n# modprobe kvm_amd nested=0\n```",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: x86/mmu: race condition in direct_page_fault()"
},
{
"cve": "CVE-2022-45887",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148520"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusb_dec_exit_dvb() function because of the lack of a dvb_frontend_detach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45887"
},
{
"category": "external",
"summary": "RHBZ#2148520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148520"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45887"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/",
"url": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel@gmail.com/",
"url": "https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel@gmail.com/"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the `ttusb_dec` kernel module. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c"
},
{
"cve": "CVE-2023-0458",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-04-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2193219"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the \u0027rlim\u0027 variable and can be used to leak the contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0458"
},
{
"category": "external",
"summary": "RHBZ#2193219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0458",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0458"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/739790605705ddcf18f21782b9c99ad7d53a8c11",
"url": "https://github.com/torvalds/linux/commit/739790605705ddcf18f21782b9c99ad7d53a8c11"
}
],
"release_date": "2023-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2023-0590",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165741"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free due to race condition in qdisc_graft()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "RHBZ#2165741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0590"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20221018203258.2793282-1-edumazet@google.com/",
"url": "https://lore.kernel.org/all/20221018203258.2793282-1-edumazet@google.com/"
}
],
"release_date": "2022-10-18T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free due to race condition in qdisc_graft()"
},
{
"cve": "CVE-2023-0597",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165926"
}
],
"notes": [
{
"category": "description",
"text": "A possible unauthorized memory access flaw was found in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stack(s) or other important data. This issue could allow a local user to gain access to some important data with expected location in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: x86/mm: Randomize per-cpu entry area",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0597"
},
{
"category": "external",
"summary": "RHBZ#2165926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165926"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0597"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/Yz%2FmfJ1gjgshF19t@hirez.programming.kicks-ass.net/",
"url": "https://lore.kernel.org/lkml/Yz%2FmfJ1gjgshF19t@hirez.programming.kicks-ass.net/"
}
],
"release_date": "2022-10-07T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: x86/mm: Randomize per-cpu entry area"
},
{
"cve": "CVE-2023-1073",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173403"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in the Linux kernel\u2019s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: HID: check empty report_list in hid_validate_values()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1073"
},
{
"category": "external",
"summary": "RHBZ#2173403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173403"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1073",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1073"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=b12fece4c64857e5fab4290bf01b2e0317a88456",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=b12fece4c64857e5fab4290bf01b2e0317a88456"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2023/01/17/3",
"url": "https://www.openwall.com/lists/oss-security/2023/01/17/3"
}
],
"release_date": "2023-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: HID: check empty report_list in hid_validate_values()"
},
{
"cve": "CVE-2023-1074",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173430"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u0027s Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: fail if no bound addresses can be used for a given scope",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1074"
},
{
"category": "external",
"summary": "RHBZ#2173430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1074"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=458e279f861d3f61796894cd158b780765a1569f",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=458e279f861d3f61796894cd158b780765a1569f"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2023/01/23/1",
"url": "https://www.openwall.com/lists/oss-security/2023/01/23/1"
}
],
"release_date": "2023-01-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module sctp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: fail if no bound addresses can be used for a given scope"
},
{
"cve": "CVE-2023-1075",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173434"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u0027s TLS protocol. This issue could allow a local user unauthorized access to some memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/tls: tls_is_tx_ready() checked list_entry",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1075"
},
{
"category": "external",
"summary": "RHBZ#2173434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1075"
}
],
"release_date": "2023-01-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: net/tls: tls_is_tx_ready() checked list_entry"
},
{
"cve": "CVE-2023-1079",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173444"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in asus_kbd_backlight_set in drivers/hid/hid-asus.c in the Linux Kernel. This issue could allow an attacker to crash the system when plugging in or disconnecting a malicious USB device, which may lead to a kernel information leak problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: hid: Use After Free in asus_remove()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1079"
},
{
"category": "external",
"summary": "RHBZ#2173444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1079"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=4ab3a086d10eeec1424f2e8a968827a6336203df",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=4ab3a086d10eeec1424f2e8a968827a6336203df"
}
],
"release_date": "2023-02-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected ASUS HID driver (for notebook built-in keyboard) module from loading during the boot time, ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: hid: Use After Free in asus_remove()"
},
{
"acknowledgments": [
{
"names": [
"Duoming Zhou"
]
}
],
"cve": "CVE-2023-1118",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-02-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2174400"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s integrated infrared receiver/transceiver driver. This issue occurs when a user detaches a rc device. This could allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this vulnerability requires an attacker to either have physical access to a system with infrared receiver/transceiver hardware or requires a remote authenticated user to have knowledge about such hardware attached to the system and when it is disconnected, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "RHBZ#2174400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1118"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe17",
"url": "https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe17"
}
],
"release_date": "2023-02-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module ene_ir from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition"
},
{
"cve": "CVE-2023-1206",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2023-02-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2175903"
}
],
"notes": [
{
"category": "description",
"text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: hash collisions in the IPv6 connection lookup table",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1206"
},
{
"category": "external",
"summary": "RHBZ#2175903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1206"
},
{
"category": "external",
"summary": "https://git.kernel.org/linus/d11b0df7ddf1831f3e170972f43186dad520bfcc",
"url": "https://git.kernel.org/linus/d11b0df7ddf1831f3e170972f43186dad520bfcc"
}
],
"release_date": "2023-06-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "https://access.redhat.com/solutions/30453",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: hash collisions in the IPv6 connection lookup table"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2023-1252",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2176140"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 (\"ovl: fix use after free in struct ovl_aio_req\") not applied yet, the kernel could be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ovl: fix use after free in struct ovl_aio_req",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is possibly only triggered if an Ext4 filesystem is mounted. Because of that fact, and because exploitation would require that an attacker was able to control how that filesystem interacted with an OverlayFS filesystem, Red Hat assesses the impact of this vulnerability as Medium.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1252"
},
{
"category": "external",
"summary": "RHBZ#2176140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/"
}
],
"release_date": "2021-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ovl: fix use after free in struct ovl_aio_req"
},
{
"acknowledgments": [
{
"names": [
"Wei Chen"
]
}
],
"cve": "CVE-2023-1382",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177371"
}
],
"notes": [
{
"category": "description",
"text": "A data race flaw was found in the Linux kernel, between where con is allocated and con-\u003esock is set. This issue leads to a NULL pointer dereference when accessing con-\u003esock-\u003esk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: denial of service in tipc_conn_close",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1382"
},
{
"category": "external",
"summary": "RHBZ#2177371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1382",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1382"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/bc7bd3183f1c275c820690fc65b708238fe9e38e.1668807842.git.lucien.xin@gmail.com/T/#u",
"url": "https://lore.kernel.org/netdev/bc7bd3183f1c275c820690fc65b708238fe9e38e.1668807842.git.lucien.xin@gmail.com/T/#u"
}
],
"release_date": "2022-11-18T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected transparent inter-process communication (TIPC) protocol kernel module from loading during the boot time. Ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: denial of service in tipc_conn_close"
},
{
"cve": "CVE-2023-1855",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184578"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free bug in remove function xgene_hwmon_remove",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw affects a specific CPU family, and because exploitation requires elevated system privileges, Red Hat assesses the impact of this flaw as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1855"
},
{
"category": "external",
"summary": "RHBZ#2184578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184578"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1855",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1855"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20230318122758.2140868-1-linux@roeck-us.net/",
"url": "https://lore.kernel.org/all/20230318122758.2140868-1-linux@roeck-us.net/"
}
],
"release_date": "2023-03-10T10:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected APM X-Gene SoC HW monitor kernel driver (apm_xgene) from loading during the boot time. Ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free bug in remove function xgene_hwmon_remove"
},
{
"cve": "CVE-2023-1989",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2185945"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. A call to btsdio_remove with an unfinished job may cause a race problem which leads to a UAF on hdev devices.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use after free bug in btsdio_remove due to race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because successful exploitation of this flaw requires that a system supports SDIO hardware and that an attacker has control over attaching and detaching that hardware, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1989"
},
{
"category": "external",
"summary": "RHBZ#2185945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185945"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1989"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088"
}
],
"release_date": "2023-03-09T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected Generic Bluetooth SDIO driver kernel module from loading during the boot time. Ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Use after free bug in btsdio_remove due to race condition"
},
{
"cve": "CVE-2023-1998",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187257"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Linux Kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The kernel failed to protect applications that attempted to protect against Spectre v2 leaving them open to attack from other processes running on the same physical core in another hyperthread.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Spectre v2 SMT mitigations problem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1998"
},
{
"category": "external",
"summary": "RHBZ#2187257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187257"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1998"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mj4w-6495-6crx",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mj4w-6495-6crx"
}
],
"release_date": "2023-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling Simultaneous Multithreading (SMT). For instructions on how to disable SMT in RHEL, please see https://access.redhat.com/solutions/rhel-smt.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Spectre v2 SMT mitigations problem"
},
{
"acknowledgments": [
{
"names": [
"Weiteng Chen. University of California, Riverside."
]
}
],
"cve": "CVE-2023-2269",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"discovery_date": "2023-04-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2189388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux Kernel, leading to a denial of service. This issue occurs due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because exploitation of this flaw requires that an attacker has privileges sufficient to manage md arrays, Red Hat assesses the impact of this vulnerability as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2269"
},
{
"category": "external",
"summary": "RHBZ#2189388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2269",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2269"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/ZD1xyZxb3rHot8PV@redhat.com/t/",
"url": "https://lore.kernel.org/lkml/ZD1xyZxb3rHot8PV@redhat.com/t/"
}
],
"release_date": "2023-04-17T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos"
},
{
"cve": "CVE-2023-2513",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2193097"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ext4: use-after-free in ext4_xattr_set_entry()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having Moderate impact because of the preconditions needed to trigger the issue. The vulnerability can be exploited by a regular user, but the filesystem should be mounted with `debug_want_extra_isize`=128 and the user must have write access to the filesystem. It\u0027s also important to emphasize that `debug_want_extra_isize` is a debug mount option and should never be used in production.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2513"
},
{
"category": "external",
"summary": "RHBZ#2193097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2513"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ext4: use-after-free in ext4_xattr_set_entry()"
},
{
"cve": "CVE-2023-3141",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213199"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use after free bug in r592_remove",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw requires that specific peripheral hardware is attached, that an attacker has access to the hardware, and that the attacker is able to control the timing of hardware or media attachment and removal, Red Hat assesses the impact of this vulnerability as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3141"
},
{
"category": "external",
"summary": "RHBZ#2213199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3141"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw@mail.gmail.com/t/",
"url": "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw@mail.gmail.com/t/"
}
],
"release_date": "2023-03-07T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Use after free bug in r592_remove"
},
{
"acknowledgments": [
{
"names": [
"Sanan Hasanov"
]
}
],
"cve": "CVE-2023-3161",
"cwe": {
"id": "CWE-1335",
"name": "Incorrect Bitwise Shift of Integer"
},
"discovery_date": "2023-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213485"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing a font-\u003ewidth and font-\u003eheight greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fbcon: shift-out-of-bounds in fbcon_set_font()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3161"
},
{
"category": "external",
"summary": "RHBZ#2213485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3161",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3161"
}
],
"release_date": "2023-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fbcon: shift-out-of-bounds in fbcon_set_font()"
},
{
"cve": "CVE-2023-3212",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2214348"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. This flaw allows a privileged local user to cause a kernel panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because exploitation of this flaw requires that an attacker is able to mount volumes they have prepared themselves or to corrupt existing system volumes, Red Hat assesses the impact of this vulnerability as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3212"
},
{
"category": "external",
"summary": "RHBZ#2214348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214348"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3212",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3212"
}
],
"release_date": "2023-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()"
},
{
"cve": "CVE-2023-3268",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-05-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215502"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds access in relay_file_read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3268"
},
{
"category": "external",
"summary": "RHBZ#2215502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3268",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3268"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/1682238502-1892-1-git-send-email-yangpc@wangsu.com/T/",
"url": "https://lore.kernel.org/lkml/1682238502-1892-1-git-send-email-yangpc@wangsu.com/T/"
}
],
"release_date": "2023-04-19T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds access in relay_file_read"
},
{
"cve": "CVE-2023-3609",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225201"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in u32_set_parms in net/sched/cls_u32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3609"
},
{
"category": "external",
"summary": "RHBZ#2225201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3609"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=04c55383fa5689357bcdd2c8036725a55ed632bc",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=04c55383fa5689357bcdd2c8036725a55ed632bc"
}
],
"release_date": "2023-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module cls_u32 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails"
},
{
"cve": "CVE-2023-3611",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225191"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write flaw was found in qfq_change_agg in net/sched/sch_qfq.c in the Traffic Control (QoS) subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3611"
},
{
"category": "external",
"summary": "RHBZ#2225191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225191"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3611"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e337087c3b5805fe0b8a46ba622a962880b5d64",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e337087c3b5805fe0b8a46ba622a962880b5d64"
}
],
"release_date": "2023-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module sch_qfq onto the system until we have a fix available. This can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.\n~~~\n How do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead"
},
{
"acknowledgments": [
{
"names": [
"Lin Ma"
],
"organization": "ZJU \u0026 Ant Security Light-Year Lab"
}
],
"cve": "CVE-2023-3772",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-06-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2218943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3772"
},
{
"category": "external",
"summary": "RHBZ#2218943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3772"
}
],
"release_date": "2023-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()"
},
{
"cve": "CVE-2023-4128",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2261965"
}
],
"notes": [
{
"category": "description",
"text": "This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All CVE users should reference CVE-2023-4206, CVE-2023-4207, CVE-2023-4208 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4128"
},
{
"category": "external",
"summary": "RHBZ#2261965",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261965"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4128"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-4206",
"url": "https://access.redhat.com/security/cve/CVE-2023-4206"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-4207",
"url": "https://access.redhat.com/security/cve/CVE-2023-4207"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-4208",
"url": "https://access.redhat.com/security/cve/CVE-2023-4208"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"acknowledgments": [
{
"names": [
"Duoming Zhou"
]
}
],
"cve": "CVE-2023-4132",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2221707"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: smsusb: use-after-free caused by do_submit_urb()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4132"
},
{
"category": "external",
"summary": "RHBZ#2221707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4132",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4132"
}
],
"release_date": "2023-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: smsusb: use-after-free caused by do_submit_urb()"
},
{
"cve": "CVE-2023-4155",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2023-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213802"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this flaw, as they did not include support for KVM AMD Secure Encrypted Virtualization (SEV). \nNote: AMD SEV is currently provided as a Technology Preview in RHEL 8, therefore, it is unsupported for production use. For additional details see https://access.redhat.com/articles/4491591 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4155"
},
{
"category": "external",
"summary": "RHBZ#2213802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4155"
}
],
"release_date": "2023-08-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability"
},
{
"cve": "CVE-2023-4206",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225511"
}
],
"notes": [
{
"category": "description",
"text": "There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. \r\nA local user could use any of these flaws to crash the system or potentially escalate their privileges on the system.\r\n\r\nSimilar CVE-2023-4128 was rejected as a duplicate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4206"
},
{
"category": "external",
"summary": "RHBZ#2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4206"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/",
"url": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"cve": "CVE-2023-4207",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225511"
}
],
"notes": [
{
"category": "description",
"text": "There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. \r\nA local user could use any of these flaws to crash the system or potentially escalate their privileges on the system.\r\n\r\nSimilar CVE-2023-4128 was rejected as a duplicate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4207"
},
{
"category": "external",
"summary": "RHBZ#2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4207",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4207"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/",
"url": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"cve": "CVE-2023-4208",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225511"
}
],
"notes": [
{
"category": "description",
"text": "There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. \r\nA local user could use any of these flaws to crash the system or potentially escalate their privileges on the system.\r\n\r\nSimilar CVE-2023-4128 was rejected as a duplicate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4208"
},
{
"category": "external",
"summary": "RHBZ#2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4208",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4208"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/",
"url": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"cve": "CVE-2023-4732",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"discovery_date": "2023-09-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236982"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4732"
},
{
"category": "external",
"summary": "RHBZ#2236982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4732"
}
],
"release_date": "2023-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "A possible workaround is disabling Transparent Hugepage",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h"
},
{
"cve": "CVE-2023-23455",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168332"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23455"
},
{
"category": "external",
"summary": "RHBZ#2168332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23455"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b"
}
],
"release_date": "2023-01-01T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "The mitigation is to disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n\n```\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n```",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion"
},
{
"cve": "CVE-2023-26545",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-02-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182443"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the Linux kernel when the MPLS implementation handled sysctl allocation failures. This issue could allow a local user to cause a denial of service or possibly execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mpls: double free on sysctl allocation failure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they did not include MPLS routing support, which was introduced upstream in version 4.1-rc1 (commit 0189197 \"mpls: Basic routing support\").",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "RHBZ#2182443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26545"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mpls: double free on sysctl allocation failure"
},
{
"acknowledgments": [
{
"names": [
"Wei Chen"
]
}
],
"cve": "CVE-2023-28328",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177389"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be mitigated by preventing the affected dvb_usb_az6027 kernel module from loading during the boot time. Ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28328"
},
{
"category": "external",
"summary": "RHBZ#2177389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28328",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28328"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/20221120065918.2160782-1-zhongbaisong@huawei.com/",
"url": "https://lore.kernel.org/linux-media/20221120065918.2160782-1-zhongbaisong@huawei.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/CAO4mrfcPHB5aQJO=mpqV+p8mPLNg-Fok0gw8gZ=zemAfMGTzMg@mail.gmail.com/",
"url": "https://lore.kernel.org/lkml/CAO4mrfcPHB5aQJO=mpqV+p8mPLNg-Fok0gw8gZ=zemAfMGTzMg@mail.gmail.com/"
}
],
"release_date": "2022-11-18T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c"
},
{
"cve": "CVE-2023-28772",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2181330"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow write flaw was identified in seq_buf_putmem_hex in lib/seq_buf.c in seq_buf in the Linux Kernel. This issue may allow a user with special debug privileges such as ftrace or root to cause an overflow in the destination buffer due to a missing sanity check.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28772"
},
{
"category": "external",
"summary": "RHBZ#2181330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28772"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7",
"url": "https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7"
}
],
"release_date": "2023-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow"
},
{
"cve": "CVE-2023-30456",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188468"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the KVM\u0027s Intel nested virtualization feature (nVMX). The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest to crash the host system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: nVMX: missing consistency checks for CR0 and CR4",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat currently provides the nested virtualization feature as a Technology Preview. Nested virtualization is therefore unsupported for production use. For more information please refer to https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-30456"
},
{
"category": "external",
"summary": "RHBZ#2188468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188468"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-30456",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30456"
}
],
"release_date": "2023-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This vulnerability can be mitigated by disabling the nested virtualization feature:\n```\n# modprobe -r kvm_intel\n# modprobe kvm_intel nested=0\n```",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: nVMX: missing consistency checks for CR0 and CR4"
},
{
"cve": "CVE-2023-31084",
"discovery_date": "2023-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213139"
}
],
"notes": [
{
"category": "description",
"text": "A potential deadlock flaw was found in the Linux\u2019s kernel DVB API (used by Digital TV devices) functionality. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-31084"
},
{
"category": "external",
"summary": "RHBZ#2213139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213139"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-31084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31084"
}
],
"release_date": "2023-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible"
},
{
"cve": "CVE-2023-31436",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2192671"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s traffic control (QoS) subsystem in how a user triggers the qfq_change_class function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds write in qfq_change_class function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-31436"
},
{
"category": "external",
"summary": "RHBZ#2192671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192671"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-31436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31436"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3037933448f60f9acb705997eae62013ecb81e0d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3037933448f60f9acb705997eae62013ecb81e0d"
}
],
"release_date": "2023-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module, sch_qfq from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: out-of-bounds write in qfq_change_class function"
},
{
"cve": "CVE-2023-33203",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-03-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2192667"
}
],
"notes": [
{
"category": "description",
"text": "A race condition vulnerability was found in the Linux kernel\u0027s Qualcomm EMAC Gigabit Ethernet Controller when the user physically removes the device before cleanup in the emac_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they did not include support for the EMAC Gigabit Ethernet Controller.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-33203"
},
{
"category": "external",
"summary": "RHBZ#2192667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192667"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33203"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()"
},
{
"cve": "CVE-2023-33951",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2218195"
}
],
"notes": [
{
"category": "description",
"text": "A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: race condition leading to information disclosure vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-33951"
},
{
"category": "external",
"summary": "RHBZ#2218195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33951",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33951"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: race condition leading to information disclosure vulnerability"
},
{
"cve": "CVE-2023-33952",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2218212"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: double free within the handling of vmw_buffer_object objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having Moderate impact because of the preconditions needed to trigger the issue: An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-33952"
},
{
"category": "external",
"summary": "RHBZ#2218212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33952"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: double free within the handling of vmw_buffer_object objects"
},
{
"cve": "CVE-2023-35823",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215835"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s saa7134 device driver. This occurs when removing the module before cleanup in the saa7134_finidev function which can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: saa7134: race condition leading to use-after-free in saa7134_finidev()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw only affects systems with specific hardware installed, and because exploitation requires an attacker to be able to manipulate the driver or the physical hardware with precise timing, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35823"
},
{
"category": "external",
"summary": "RHBZ#2215835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35823"
}
],
"release_date": "2023-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: saa7134: race condition leading to use-after-free in saa7134_finidev()"
},
{
"cve": "CVE-2023-35824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215836"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s dm1105 device driver when removing the module before cleanup in the dm1105_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw only affects systems with specific hardware installed, and because exploitation requires an attacker to be able to manipulate the driver with precise timing, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35824"
},
{
"category": "external",
"summary": "RHBZ#2215836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215836"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35824"
}
],
"release_date": "2023-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c()"
},
{
"cve": "CVE-2023-35825",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215837"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s r592 device driver, when removing the module before cleanup in the r592_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: r592: race condition leading to use-after-free in r592_remove()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35825"
},
{
"category": "external",
"summary": "RHBZ#2215837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215837"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35825",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35825"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35825",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35825"
}
],
"release_date": "2023-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: r592: race condition leading to use-after-free in r592_remove()"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…