rhsa-2023_6901
Vulnerability from csaf_redhat
Published: 2023-11-14 15:24
Modified: 2024-12-04 07:34
Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: tun: double free in tun_free_netdev (CVE-2022-4744)
* kernel: net/sched: cls_u32 component reference counter leak (CVE-2023-3609)
* kernel: net/sched: sch_qfq vulnerability (CVE-2023-3611)
* kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)
* kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)
* kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)
* kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
* kernel: use-after-free and info leak in l2cap_conn_del and l2cap_parse_conf_req (CVE-2022-3640, CVE-2022-42895)
* kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)
* kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)
* hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)
* kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)
* kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)
* kernel: speculative pointer dereference in do_prlimit in kernel/sys.c (CVE-2023-0458)
* kernel: use-after-free in qdisc_graft (CVE-2023-0590)
* kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)
* kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)
* kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)
* kernel: hid: Use After Free in asus_remove (CVE-2023-1079)
* kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)
* kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)
* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)
* kernel: denial of service in tipc_conn_close (CVE-2023-1382)
* kernel: Use after free bug in btsdio_remove (CVE-2023-1989)
* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)
* kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)
* kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)
* kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)
* kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)
* kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)
* kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (CVE-2023-4732)
* Kernel: denial of service in atm_tc_enqueue (CVE-2023-23455)
* kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)
* kernel: Denial of service issue in az6027 driver (CVE-2023-28328)
* kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)
* kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)
* kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)
* kernel: saa7134: race condition in saa7134_finidev (CVE-2023-35823)
* kernel: dm1105: race condition in dm1105_remove.c (CVE-2023-35824)
* kernel: r592: race condition in r592_remove (CVE-2023-35825)
* kernel: net/tls: tls_is_tx_ready checked list_entry (CVE-2023-1075)
* kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)
* kernel: Use after free in r592_remove (CVE-2023-3141)
* kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)
For more details about the security issue(s), refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: tun: double free in tun_free_netdev (CVE-2022-4744)\n\n* kernel: net/sched: cls_u32 component reference counter leak (CVE-2023-3609)\n\n* kernel: net/sched: sch_qfq vulnerability (CVE-2023-3611)\n\n* kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)\n\n* kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)\n\n* kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)\n\n* kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)\n\n* kernel: use-after-free and info leak in l2cap_conn_del and l2cap_parse_conf_req (CVE-2022-3640, CVE-2022-42895)\n\n* kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)\n\n* kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)\n\n* hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)\n\n* kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)\n\n* kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)\n\n* kernel: speculative pointer dereference in do_prlimit in kernel/sys.c (CVE-2023-0458)\n\n* kernel: use-after-free in qdisc_graft (CVE-2023-0590)\n\n* kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)\n\n* kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)\n\n* kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)\n\n* kernel: hid: Use After Free in asus_remove (CVE-2023-1079)\n\n* kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)\n\n* kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)\n\n* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)\n\n* kernel: denial of service in tipc_conn_close (CVE-2023-1382)\n\n* kernel: Use after free bug in btsdio_remove (CVE-2023-1989)\n\n* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)\n\n* kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)\n\n* kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)\n\n* kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)\n\n* kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)\n\n* kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)\n\n* kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (CVE-2023-4732)\n\n* Kernel: denial of service in atm_tc_enqueue (CVE-2023-23455)\n\n* kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)\n\n* kernel: Denial of service issue in az6027 driver (CVE-2023-28328)\n\n* kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)\n\n* kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)\n\n* kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)\n\n* kernel: saa7134: race condition in saa7134_finidev (CVE-2023-35823)\n\n* kernel: dm1105: race condition in dm1105_remove.c (CVE-2023-35824)\n\n* kernel: r592: race condition in r592_remove (CVE-2023-35825)\n\n* kernel: net/tls: tls_is_tx_ready checked list_entry (CVE-2023-1075)\n\n* kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)\n\n* kernel: Use after free in r592_remove (CVE-2023-3141)\n\n* kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)\n\nFor more details about the security issue(s), refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6901",
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7027704",
"url": "https://access.redhat.com/solutions/7027704"
},
{
"category": "external",
"summary": "2024989",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024989"
},
{
"category": "external",
"summary": "2073091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073091"
},
{
"category": "external",
"summary": "2133453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133453"
},
{
"category": "external",
"summary": "2133455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133455"
},
{
"category": "external",
"summary": "2139610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139610"
},
{
"category": "external",
"summary": "2147356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147356"
},
{
"category": "external",
"summary": "2148520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148520"
},
{
"category": "external",
"summary": "2149024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149024"
},
{
"category": "external",
"summary": "2151317",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151317"
},
{
"category": "external",
"summary": "2156322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156322"
},
{
"category": "external",
"summary": "2165741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165741"
},
{
"category": "external",
"summary": "2165926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165926"
},
{
"category": "external",
"summary": "2168332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168332"
},
{
"category": "external",
"summary": "2173403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173403"
},
{
"category": "external",
"summary": "2173430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173430"
},
{
"category": "external",
"summary": "2173434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173434"
},
{
"category": "external",
"summary": "2173444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173444"
},
{
"category": "external",
"summary": "2174400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174400"
},
{
"category": "external",
"summary": "2175903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175903"
},
{
"category": "external",
"summary": "2176140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
},
{
"category": "external",
"summary": "2177371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177371"
},
{
"category": "external",
"summary": "2177389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177389"
},
{
"category": "external",
"summary": "2181330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181330"
},
{
"category": "external",
"summary": "2182443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182443"
},
{
"category": "external",
"summary": "2184578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184578"
},
{
"category": "external",
"summary": "2185945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185945"
},
{
"category": "external",
"summary": "2187257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187257"
},
{
"category": "external",
"summary": "2188468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188468"
},
{
"category": "external",
"summary": "2192667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192667"
},
{
"category": "external",
"summary": "2192671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192671"
},
{
"category": "external",
"summary": "2193097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193097"
},
{
"category": "external",
"summary": "2193219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193219"
},
{
"category": "external",
"summary": "2213139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213139"
},
{
"category": "external",
"summary": "2213199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213199"
},
{
"category": "external",
"summary": "2213485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485"
},
{
"category": "external",
"summary": "2213802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213802"
},
{
"category": "external",
"summary": "2214348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214348"
},
{
"category": "external",
"summary": "2215502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215502"
},
{
"category": "external",
"summary": "2215835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215835"
},
{
"category": "external",
"summary": "2215836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215836"
},
{
"category": "external",
"summary": "2215837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215837"
},
{
"category": "external",
"summary": "2218195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218195"
},
{
"category": "external",
"summary": "2218212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218212"
},
{
"category": "external",
"summary": "2218943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218943"
},
{
"category": "external",
"summary": "2219530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219530"
},
{
"category": "external",
"summary": "2221707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221707"
},
{
"category": "external",
"summary": "2223949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223949"
},
{
"category": "external",
"summary": "2225191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225191"
},
{
"category": "external",
"summary": "2225201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225201"
},
{
"category": "external",
"summary": "2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "2236982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236982"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6901.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-04T07:34:02+00:00",
"generator": {
"date": "2024-12-04T07:34:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:6901",
"initial_release_date": "2023-11-14T15:24:26+00:00",
"revision_history": [
{
"date": "2023-11-14T15:24:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-14T15:24:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-04T07:34:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"product": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"product_id": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-513.5.1.rt7.307.el8_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-513.5.1.rt7.307.el8_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "NFV-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"relates_to_product_reference": "RT-8.9.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-43975",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024989"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the Linux kernel\u2019s Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43975"
},
{
"category": "external",
"summary": "RHBZ#2024989",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024989"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43975",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43975"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496"
}
],
"release_date": "2021-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module atlantic from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c"
},
{
"cve": "CVE-2022-3594",
"cwe": {
"id": "CWE-779",
"name": "Logging of Excessive Data"
},
"discovery_date": "2022-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2149024"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in intr_callback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Rate limit overflow messages in r8152 in intr_callback",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3594"
},
{
"category": "external",
"summary": "RHBZ#2149024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149024"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3594"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3594",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3594"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93e2be344a7db169b7119de21ac1bf253b8c6907",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=93e2be344a7db169b7119de21ac1bf253b8c6907"
}
],
"release_date": "2022-10-02T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the kernel module for the affected Realtek RTL8152/RTL8153 Based USB Ethernet Adapters (r8152) from loading at boot time. Ensure the module is added to the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Rate limit overflow messages in r8152 in intr_callback"
},
{
"cve": "CVE-2022-3640",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2139610"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the l2cap_conn_del function in net/bluetooth/l2cap_core.c in the Bluetooth component of the Linux kernel. This issue leads to a use-after-free problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3640"
},
{
"category": "external",
"summary": "RHBZ#2139610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139610"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3640",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3640"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979"
}
],
"release_date": "2022-10-17T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2022-4744",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2022-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156322"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the Linux kernel\u2019s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tun: avoid double free in tun_free_netdev",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 8 is kept at Moderate severity because the required patch 158b515f703e (see reference) is missing. However, Red Hat Enterprise Linux version 8 is currently not affected, because the earlier patch 766b0515d5be (\"net: make sure devices go through netdev_wait_all_refs\") was not backported either. This means that it is not possible to trigger the issue on Red Hat Enterprise Linux 8, but Red Hat Enterprise Linux version 8 could potentially become vulnerable in the future, so the fix is still needed. For Red Hat Enterprise Linux version 9, there is a known way to reproduce the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4744"
},
{
"category": "external",
"summary": "RHBZ#2156322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4744"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=158b515f703e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=158b515f703e"
}
],
"release_date": "2023-03-20T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the tun module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tun: avoid double free in tun_free_netdev"
},
{
"cve": "CVE-2022-28388",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073091"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the Linux kernel\u0027s USB2CAN interface implementation. This issue could allow a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Moderate because this case doesn\u0027t lead to a kernel crash, as a pointer reference check prevents the actual second memory free. The only known attack scenario is the possibility of a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28388"
},
{
"category": "external",
"summary": "RHBZ#2073091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073091"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28388"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module usb_8dev from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c"
},
{
"cve": "CVE-2022-38457",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-09-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2133455"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_cmd_res_check. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: use-after-free in vmw_cmd_res_check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Systems making use of the vmwgfx driver are potentially affected by this flaw; systems without the vmwgfx driver loaded are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38457"
},
{
"category": "external",
"summary": "RHBZ#2133455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38457"
}
],
"release_date": "2022-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the vmwgfx kernel module. For instructions relating to blacklisting a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: use-after-free in vmw_cmd_res_check"
},
{
"cve": "CVE-2022-40133",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-09-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2133453"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Systems making use of the vmwgfx driver are potentially affected by this flaw; systems without the vmwgfx driver loaded are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40133"
},
{
"category": "external",
"summary": "RHBZ#2133453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40133"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40133",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40133"
}
],
"release_date": "2022-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the vmwgfx kernel module. For instructions relating to blacklisting a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context"
},
{
"cve": "CVE-2022-40982",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2223949"
}
],
"notes": [
{
"category": "description",
"text": "A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Intel: Gather Data Sampling (GDS) side channel vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40982"
},
{
"category": "external",
"summary": "RHBZ#2223949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223949"
},
{
"category": "external",
"summary": "RHSB-7027704",
"url": "https://access.redhat.com/solutions/7027704"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40982",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40982"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
}
],
"release_date": "2023-08-08T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "The vulnerability can be mitigated by installing the CPU microcode package microcode_ctl version 20230808.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Intel: Gather Data Sampling (GDS) side channel vulnerability"
},
{
"cve": "CVE-2022-42895",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2147356"
}
],
"notes": [
{
"category": "description",
"text": "An information leak vulnerability was found in the l2cap_parse_conf_req function of the Linux kernel\u0027s implementation of the Logical Link Control and Adaptation Protocol (L2CAP), part of the Bluetooth stack. An attacker with physical access within the range of standard Bluetooth transmission of the victim could use this flaw to leak kernel pointers via Bluetooth.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this flaw as it did not include support for parsing Extended Flow Specification option in L2CAP Config Request (upstream commit 42dceae2).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42895"
},
{
"category": "external",
"summary": "RHBZ#2147356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42895"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-vccx-8h74-2357",
"url": "https://github.com/google/security-research/security/advisories/GHSA-vccx-8h74-2357"
}
],
"release_date": "2022-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c"
},
{
"cve": "CVE-2022-45869",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2022-11-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151317"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KVM in the Linux kernel. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: x86/mmu: race condition in direct_page_fault()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The nested virtualization feature is not enabled by default up to Red Hat Enterprise Linux 8.4. Most importantly, Red Hat currently provides nested virtualization only as a Technology Preview and is therefore unsupported for production use. For additional details, please see https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45869"
},
{
"category": "external",
"summary": "RHBZ#2151317",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151317"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45869"
}
],
"release_date": "2022-11-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This vulnerability can be mitigated by disabling the nested virtualization feature.\n\nFor Intel:\n```\n# modprobe -r kvm_intel\n# modprobe kvm_intel nested=0\n```\n\nFor AMD:\n```\n# modprobe -r kvm_amd\n# modprobe kvm_amd nested=0\n```",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: x86/mmu: race condition in direct_page_fault()"
},
{
"cve": "CVE-2022-45887",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148520"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusb_dec_exit_dvb() function because of the lack of a dvb_frontend_detach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45887"
},
{
"category": "external",
"summary": "RHBZ#2148520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148520"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45887"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/",
"url": "https://lore.kernel.org/linux-media/20221115131822.6640-1-imv4bel@gmail.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel@gmail.com/",
"url": "https://lore.kernel.org/linux-media/20221115131822.6640-5-imv4bel@gmail.com/"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the `ttusb_dec` kernel module. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c"
},
{
"cve": "CVE-2023-0458",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-04-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2193219"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel, where a speculative pointer dereference problem exists in the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the \u0027rlim\u0027 variable and can be used to leak the contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0458"
},
{
"category": "external",
"summary": "RHBZ#2193219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0458",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0458"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/739790605705ddcf18f21782b9c99ad7d53a8c11",
"url": "https://github.com/torvalds/linux/commit/739790605705ddcf18f21782b9c99ad7d53a8c11"
}
],
"release_date": "2023-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2023-0590",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165741"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") is not applied yet, then the kernel could be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free due to race condition in qdisc_graft()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0590"
},
{
"category": "external",
"summary": "RHBZ#2165741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0590"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20221018203258.2793282-1-edumazet@google.com/",
"url": "https://lore.kernel.org/all/20221018203258.2793282-1-edumazet@google.com/"
}
],
"release_date": "2022-10-18T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free due to race condition in qdisc_graft()"
},
{
"cve": "CVE-2023-0597",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165926"
}
],
"notes": [
{
"category": "description",
"text": "A possible unauthorized memory access flaw was found in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stack(s) or other important data. This issue could allow a local user to gain access to some important data with expected location in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: x86/mm: Randomize per-cpu entry area",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0597"
},
{
"category": "external",
"summary": "RHBZ#2165926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165926"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0597"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/Yz%2FmfJ1gjgshF19t@hirez.programming.kicks-ass.net/",
"url": "https://lore.kernel.org/lkml/Yz%2FmfJ1gjgshF19t@hirez.programming.kicks-ass.net/"
}
],
"release_date": "2022-10-07T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: x86/mm: Randomize per-cpu entry area"
},
{
"cve": "CVE-2023-1073",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173403"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: HID: check empty report_list in hid_validate_values()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1073"
},
{
"category": "external",
"summary": "RHBZ#2173403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173403"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1073",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1073"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=b12fece4c64857e5fab4290bf01b2e0317a88456",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=b12fece4c64857e5fab4290bf01b2e0317a88456"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2023/01/17/3",
"url": "https://www.openwall.com/lists/oss-security/2023/01/17/3"
}
],
"release_date": "2023-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: HID: check empty report_list in hid_validate_values()"
},
{
"cve": "CVE-2023-1074",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173430"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: fail if no bound addresses can be used for a given scope",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1074"
},
{
"category": "external",
"summary": "RHBZ#2173430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1074"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=458e279f861d3f61796894cd158b780765a1569f",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=458e279f861d3f61796894cd158b780765a1569f"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2023/01/23/1",
"url": "https://www.openwall.com/lists/oss-security/2023/01/23/1"
}
],
"release_date": "2023-01-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module sctp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: fail if no bound addresses can be used for a given scope"
},
{
"cve": "CVE-2023-1075",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173434"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u0027s TLS protocol. This issue could allow a local user unauthorized access to some memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/tls: tls_is_tx_ready() checked list_entry",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1075"
},
{
"category": "external",
"summary": "RHBZ#2173434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1075"
}
],
"release_date": "2023-01-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: net/tls: tls_is_tx_ready() checked list_entry"
},
{
"cve": "CVE-2023-1079",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173444"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in asus_kbd_backlight_set in drivers/hid/hid-asus.c in the Linux Kernel. This issue could allow an attacker to crash the system when plugging in or disconnecting a malicious USB device, which may lead to a kernel information leak problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: hid: Use After Free in asus_remove()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1079"
},
{
"category": "external",
"summary": "RHBZ#2173444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1079"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=4ab3a086d10eeec1424f2e8a968827a6336203df",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=4ab3a086d10eeec1424f2e8a968827a6336203df"
}
],
"release_date": "2023-02-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected ASUS HID driver (for notebook built-in keyboard) module from loading during the boot time, ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: hid: Use After Free in asus_remove()"
},
{
"acknowledgments": [
{
"names": [
"Duoming Zhou"
]
}
],
"cve": "CVE-2023-1118",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-02-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2174400"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s integrated infrared receiver/transceiver driver. This issue occurs when a user detaches an rc device. This could allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this vulnerability requires an attacker to either have physical access to a system with infrared receiver/transceiver hardware or requires a remote authenticated user to have knowledge about such hardware attached to the system and when it is disconnected, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "RHBZ#2174400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1118"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe17",
"url": "https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe17"
}
],
"release_date": "2023-02-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module ene_ir from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition"
},
{
"cve": "CVE-2023-1206",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2023-02-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2175903"
}
],
"notes": [
{
"category": "description",
"text": "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel\u2019s IPv6 functionality when a user performs a new kind of SYN flood attack. A user located in the local network or with a high-bandwidth connection can increase the CPU usage of the server that accepts IPv6 connections up to 95%.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: hash collisions in the IPv6 connection lookup table",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1206"
},
{
"category": "external",
"summary": "RHBZ#2175903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1206"
},
{
"category": "external",
"summary": "https://git.kernel.org/linus/d11b0df7ddf1831f3e170972f43186dad520bfcc",
"url": "https://git.kernel.org/linus/d11b0df7ddf1831f3e170972f43186dad520bfcc"
}
],
"release_date": "2023-06-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "https://access.redhat.com/solutions/30453",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: hash collisions in the IPv6 connection lookup table"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2023-1252",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2176140"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. The kernel could be affected only if patch 9a2544037600 (\"ovl: fix use after free in struct ovl_aio_req\") has not been applied yet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ovl: fix use after free in struct ovl_aio_req",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is possibly only triggered if an Ext4 filesystem is mounted. Because of that fact, and because exploitation would require that an attacker was able to control how that filesystem interacted with an OverlayFS filesystem, Red Hat assesses the impact of this vulnerability as Medium.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1252"
},
{
"category": "external",
"summary": "RHBZ#2176140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/"
}
],
"release_date": "2021-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ovl: fix use after free in struct ovl_aio_req"
},
{
"acknowledgments": [
{
"names": [
"Wei Chen"
]
}
],
"cve": "CVE-2023-1382",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177371"
}
],
"notes": [
{
"category": "description",
"text": "A data race flaw was found in the Linux kernel, between where con is allocated and con-\u003esock is set. This issue leads to a NULL pointer dereference when accessing con-\u003esock-\u003esk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: denial of service in tipc_conn_close",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1382"
},
{
"category": "external",
"summary": "RHBZ#2177371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1382",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1382"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/bc7bd3183f1c275c820690fc65b708238fe9e38e.1668807842.git.lucien.xin@gmail.com/T/#u",
"url": "https://lore.kernel.org/netdev/bc7bd3183f1c275c820690fc65b708238fe9e38e.1668807842.git.lucien.xin@gmail.com/T/#u"
}
],
"release_date": "2022-11-18T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected transparent inter-process communication (TIPC) protocol kernel module from loading at boot time. Ensure the module is added to the blacklist file.\n~~~\nRefer:\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: denial of service in tipc_conn_close"
},
{
"cve": "CVE-2023-1855",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184578"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free bug in remove function xgene_hwmon_remove",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw affects a specific CPU family, and because exploitation requires elevated system privileges, Red Hat assesses the impact of this flaw as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1855"
},
{
"category": "external",
"summary": "RHBZ#2184578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184578"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1855",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1855"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20230318122758.2140868-1-linux@roeck-us.net/",
"url": "https://lore.kernel.org/all/20230318122758.2140868-1-linux@roeck-us.net/"
}
],
"release_date": "2023-03-10T10:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected APM X-Gene SoC HW monitor kernel driver (apm_xgene) from loading at boot time. Ensure the module is added to the blacklist file.\n~~~\nRefer:\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free bug in remove function xgene_hwmon_remove"
},
{
"cve": "CVE-2023-1989",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2185945"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in btsdio_remove in drivers/bluetooth/btsdio.c in the Linux kernel. A call to btsdio_remove with an unfinished job may cause a race condition that leads to a use-after-free on hdev devices.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use after free bug in btsdio_remove due to race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because successful exploitation of this flaw requires that a system supports SDIO hardware and that an attacker has control over attaching and detaching that hardware, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1989"
},
{
"category": "external",
"summary": "RHBZ#2185945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185945"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1989"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088"
}
],
"release_date": "2023-03-09T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected Generic Bluetooth SDIO driver kernel module from loading at boot time. Ensure the module is added to the blacklist file.\n~~~\nRefer:\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Use after free bug in btsdio_remove due to race condition"
},
{
"cve": "CVE-2023-1998",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187257"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Linux Kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The kernel failed to protect applications that attempted to protect against Spectre v2 leaving them open to attack from other processes running on the same physical core in another hyperthread.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Spectre v2 SMT mitigations problem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1998"
},
{
"category": "external",
"summary": "RHBZ#2187257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187257"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1998"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mj4w-6495-6crx",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mj4w-6495-6crx"
}
],
"release_date": "2023-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling Simultaneous Multithreading (SMT). For instructions on how to disable SMT in RHEL, please see https://access.redhat.com/solutions/rhel-smt.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Spectre v2 SMT mitigations problem"
},
{
"acknowledgments": [
{
"names": [
"Weiteng Chen. University of California, Riverside."
]
}
],
"cve": "CVE-2023-2269",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"discovery_date": "2023-04-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2189388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux Kernel, leading to a denial of service. This issue occurs due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: A possible deadlock in dm_get_inactive_table in dm-ioctl.c leads to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because exploitation of this flaw requires that an attacker has privileges sufficient to manage md arrays, Red Hat assesses the impact of this vulnerability as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2269"
},
{
"category": "external",
"summary": "RHBZ#2189388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2269",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2269"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/ZD1xyZxb3rHot8PV@redhat.com/t/",
"url": "https://lore.kernel.org/lkml/ZD1xyZxb3rHot8PV@redhat.com/t/"
}
],
"release_date": "2023-04-17T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: A possible deadlock in dm_get_inactive_table in dm-ioctl.c leads to dos"
},
{
"cve": "CVE-2023-2513",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2193097"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ext4: use-after-free in ext4_xattr_set_entry()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having Moderate impact because of the preconditions needed to trigger the issue. The vulnerability can be exploited by a regular user, but the filesystem should be mounted with `debug_want_extra_isize`=128 and the user must have write access to the filesystem. It\u0027s also important to emphasize that `debug_want_extra_isize` is a debug mount option and should never be used in production.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2513"
},
{
"category": "external",
"summary": "RHBZ#2193097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2513"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ext4: use-after-free in ext4_xattr_set_entry()"
},
{
"cve": "CVE-2023-3141",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213199"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use after free bug in r592_remove",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw requires that specific peripheral hardware is attached, that an attacker has access to the hardware, and that the attacker is able to control the timing of hardware or media attachment and removal, Red Hat assesses the impact of this vulnerability as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3141"
},
{
"category": "external",
"summary": "RHBZ#2213199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3141"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw@mail.gmail.com/t/",
"url": "https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw@mail.gmail.com/t/"
}
],
"release_date": "2023-03-07T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Use after free bug in r592_remove"
},
{
"acknowledgments": [
{
"names": [
"Sanan Hasanov"
]
}
],
"cve": "CVE-2023-3161",
"cwe": {
"id": "CWE-1335",
"name": "Incorrect Bitwise Shift of Integer"
},
"discovery_date": "2023-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213485"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing a font-\u003ewidth and font-\u003eheight greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fbcon: shift-out-of-bounds in fbcon_set_font()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3161"
},
{
"category": "external",
"summary": "RHBZ#2213485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3161",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3161"
}
],
"release_date": "2023-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fbcon: shift-out-of-bounds in fbcon_set_font()"
},
{
"cve": "CVE-2023-3212",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2214348"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. This flaw allows a privileged local user to cause a kernel panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because exploitation of this flaw requires that an attacker is able to mount volumes they have prepared themselves or to corrupt existing system volumes, Red Hat assesses the impact of this vulnerability as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3212"
},
{
"category": "external",
"summary": "RHBZ#2214348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214348"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3212",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3212"
}
],
"release_date": "2023-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()"
},
{
"cve": "CVE-2023-3268",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-05-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215502"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds access in relay_file_read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3268"
},
{
"category": "external",
"summary": "RHBZ#2215502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3268",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3268"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/1682238502-1892-1-git-send-email-yangpc@wangsu.com/T/",
"url": "https://lore.kernel.org/lkml/1682238502-1892-1-git-send-email-yangpc@wangsu.com/T/"
}
],
"release_date": "2023-04-19T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds access in relay_file_read"
},
{
"cve": "CVE-2023-3609",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225201"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in u32_set_parms in net/sched/cls_u32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3609"
},
{
"category": "external",
"summary": "RHBZ#2225201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3609"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=04c55383fa5689357bcdd2c8036725a55ed632bc",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=04c55383fa5689357bcdd2c8036725a55ed632bc"
}
],
"release_date": "2023-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module cls_u32 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails"
},
{
"cve": "CVE-2023-3611",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225191"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write flaw was found in qfq_change_agg in net/sched/sch_qfq.c in the Traffic Control (QoS) subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3611"
},
{
"category": "external",
"summary": "RHBZ#2225191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225191"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3611",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3611"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e337087c3b5805fe0b8a46ba622a962880b5d64",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e337087c3b5805fe0b8a46ba622a962880b5d64"
}
],
"release_date": "2023-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module sch_qfq onto the system until we have a fix available. This can be done with a blacklist mechanism, which ensures the driver is not loaded at boot time.\n\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead"
},
{
"acknowledgments": [
{
"names": [
"Lin Ma"
],
"organization": "ZJU \u0026 Ant Security Light-Year Lab"
}
],
"cve": "CVE-2023-3772",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-06-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2218943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3772"
},
{
"category": "external",
"summary": "RHBZ#2218943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3772"
}
],
"release_date": "2023-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()"
},
{
"cve": "CVE-2023-4128",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2261965"
}
],
"notes": [
{
"category": "description",
"text": "This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All CVE users should reference CVE-2023-4206, CVE-2023-4207, CVE-2023-4208 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4128"
},
{
"category": "external",
"summary": "RHBZ#2261965",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261965"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4128"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-4206",
"url": "https://access.redhat.com/security/cve/CVE-2023-4206"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-4207",
"url": "https://access.redhat.com/security/cve/CVE-2023-4207"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-4208",
"url": "https://access.redhat.com/security/cve/CVE-2023-4208"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"acknowledgments": [
{
"names": [
"Duoming Zhou"
]
}
],
"cve": "CVE-2023-4132",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2221707"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: smsusb: use-after-free caused by do_submit_urb()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4132"
},
{
"category": "external",
"summary": "RHBZ#2221707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4132",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4132"
}
],
"release_date": "2023-02-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: smsusb: use-after-free caused by do_submit_urb()"
},
{
"cve": "CVE-2023-4155",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2023-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213802"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially a guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this flaw, as they did not include support for KVM AMD Secure Encrypted Virtualization (SEV).\nNote: AMD SEV is currently provided as a Technology Preview in RHEL 8; it is therefore unsupported for production use. For additional details, see https://access.redhat.com/articles/4491591 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4155"
},
{
"category": "external",
"summary": "RHBZ#2213802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4155"
}
],
"release_date": "2023-08-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability"
},
{
"cve": "CVE-2023-4206",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225511"
}
],
"notes": [
{
"category": "description",
"text": "There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208.\r\nA local user could use any of these flaws to crash the system or potentially escalate their privileges on the system.\r\n\r\nThe similar CVE-2023-4128 was rejected as a duplicate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4206"
},
{
"category": "external",
"summary": "RHBZ#2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4206"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/",
"url": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"cve": "CVE-2023-4207",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225511"
}
],
"notes": [
{
"category": "description",
"text": "There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. \r\nA local user could use any of these flaws to crash the system or potentially escalate their privileges on the system.\r\n\r\nSimilar CVE-2023-4128 was rejected as a duplicate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4207"
},
{
"category": "external",
"summary": "RHBZ#2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4207",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4207"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/",
"url": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"cve": "CVE-2023-4208",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2225511"
}
],
"notes": [
{
"category": "description",
"text": "There are 3 CVEs for the use-after-free flaw found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. \r\nA local user could use any of these flaws to crash the system or potentially escalate their privileges on the system.\r\n\r\nSimilar CVE-2023-4128 was rejected as a duplicate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4208"
},
{
"category": "external",
"summary": "RHBZ#2225511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4208",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4208"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/",
"url": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/"
}
],
"release_date": "2023-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module cls_u32 from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route"
},
{
"cve": "CVE-2023-4732",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"discovery_date": "2023-09-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236982"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pfn_swap_entry_to_page in the memory management subsystem of the Linux kernel. An attacker with local user privileges may cause a denial of service due to a BUG statement referencing pmd_t x.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4732"
},
{
"category": "external",
"summary": "RHBZ#2236982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4732"
}
],
"release_date": "2023-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "A possible workaround is disabling Transparent Hugepage",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h"
},
{
"cve": "CVE-2023-23455",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168332"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23455"
},
{
"category": "external",
"summary": "RHBZ#2168332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23455"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b"
}
],
"release_date": "2023-01-01T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "The mitigation is to disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n\n```\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n```",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion"
},
{
"cve": "CVE-2023-26545",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-02-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182443"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the Linux kernel when the MPLS implementation handled sysctl allocation failures. This issue could allow a local user to cause a denial of service or possibly execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mpls: double free on sysctl allocation failure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they did not include MPLS routing support, which was introduced upstream in version 4.1-rc1 (commit 0189197 \"mpls: Basic routing support\").",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "RHBZ#2182443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26545"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mpls: double free on sysctl allocation failure"
},
{
"acknowledgments": [
{
"names": [
"Wei Chen"
]
}
],
"cve": "CVE-2023-28328",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177389"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be mitigated by preventing the affected dvb_usb_az6027 kernel module from loading at boot time. Ensure the module is added to the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28328"
},
{
"category": "external",
"summary": "RHBZ#2177389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28328",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28328"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/20221120065918.2160782-1-zhongbaisong@huawei.com/",
"url": "https://lore.kernel.org/linux-media/20221120065918.2160782-1-zhongbaisong@huawei.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/CAO4mrfcPHB5aQJO=mpqV+p8mPLNg-Fok0gw8gZ=zemAfMGTzMg@mail.gmail.com/",
"url": "https://lore.kernel.org/lkml/CAO4mrfcPHB5aQJO=mpqV+p8mPLNg-Fok0gw8gZ=zemAfMGTzMg@mail.gmail.com/"
}
],
"release_date": "2022-11-18T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c"
},
{
"cve": "CVE-2023-28772",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2181330"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow write flaw was identified in seq_buf_putmem_hex in lib/seq_buf.c in seq_buf in the Linux Kernel. This issue may allow a user with special debug privileges such as ftrace or root to cause an overflow in the destination buffer due to a missing sanity check.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28772"
},
{
"category": "external",
"summary": "RHBZ#2181330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28772"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7",
"url": "https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7"
}
],
"release_date": "2023-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow"
},
{
"cve": "CVE-2023-30456",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2023-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188468"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KVM\u0027s Intel nested virtualization feature (nVMX). The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest to crash the host system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: nVMX: missing consistency checks for CR0 and CR4",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat currently provides the nested virtualization feature as a Technology Preview. Nested virtualization is therefore unsupported for production use. For more information please refer to https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-30456"
},
{
"category": "external",
"summary": "RHBZ#2188468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188468"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-30456",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30456"
}
],
"release_date": "2023-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This vulnerability can be mitigated by disabling the nested virtualization feature:\n```\n# modprobe -r kvm_intel\n# modprobe kvm_intel nested=0\n```",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: nVMX: missing consistency checks for CR0 and CR4"
},
{
"cve": "CVE-2023-31084",
"discovery_date": "2023-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213139"
}
],
"notes": [
{
"category": "description",
"text": "A potential deadlock flaw was found in the Linux\u2019s kernel DVB API (used by Digital TV devices) functionality. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-31084"
},
{
"category": "external",
"summary": "RHBZ#2213139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213139"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-31084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31084"
}
],
"release_date": "2023-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible"
},
{
"cve": "CVE-2023-31436",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2192671"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s traffic control (QoS) subsystem in how a user triggers the qfq_change_class function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds write in qfq_change_class function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-31436"
},
{
"category": "external",
"summary": "RHBZ#2192671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192671"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-31436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31436"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3037933448f60f9acb705997eae62013ecb81e0d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3037933448f60f9acb705997eae62013ecb81e0d"
}
],
"release_date": "2023-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module, sch_qfq from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: out-of-bounds write in qfq_change_class function"
},
{
"cve": "CVE-2023-33203",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-03-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2192667"
}
],
"notes": [
{
"category": "description",
"text": "A race condition vulnerability was found in the Linux kernel\u0027s Qualcomm EMAC Gigabit Ethernet Controller when the user physically removes the device before cleanup in the emac_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they did not include support for the EMAC Gigabit Ethernet Controller.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-33203"
},
{
"category": "external",
"summary": "RHBZ#2192667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192667"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33203"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()"
},
{
"cve": "CVE-2023-33951",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2218195"
}
],
"notes": [
{
"category": "description",
"text": "A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: race condition leading to information disclosure vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-33951"
},
{
"category": "external",
"summary": "RHBZ#2218195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33951",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33951"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: race condition leading to information disclosure vulnerability"
},
{
"cve": "CVE-2023-33952",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2218212"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vmwgfx: double free within the handling of vmw_buffer_object objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having Moderate impact because of the preconditions needed to trigger the issue: An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-33952"
},
{
"category": "external",
"summary": "RHBZ#2218212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33952"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vmwgfx: double free within the handling of vmw_buffer_object objects"
},
{
"cve": "CVE-2023-35823",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215835"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s saa7134 device driver. This occurs when removing the module before cleanup in the saa7134_finidev function which can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: saa7134: race condition leading to use-after-free in saa7134_finidev()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw only affects systems with specific hardware installed, and because exploitation requires an attacker to be able to manipulate the driver or the physical hardware with precise timing, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35823"
},
{
"category": "external",
"summary": "RHBZ#2215835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35823"
}
],
"release_date": "2023-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: saa7134: race condition leading to use-after-free in saa7134_finidev()"
},
{
"cve": "CVE-2023-35824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215836"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s dm1105 device driver when removing the module before cleanup in the dm1105_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because this flaw only affects systems with specific hardware installed, and because exploitation requires an attacker to be able to manipulate the driver with precise timing, Red Hat assesses the impact of this vulnerability as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35824"
},
{
"category": "external",
"summary": "RHBZ#2215836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215836"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35824"
}
],
"release_date": "2023-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c()"
},
{
"cve": "CVE-2023-35825",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215837"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s r592 device driver, when removing the module before cleanup in the r592_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: r592: race condition leading to use-after-free in r592_remove()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35825"
},
{
"category": "external",
"summary": "RHBZ#2215837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215837"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35825",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35825"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35825",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35825"
}
],
"release_date": "2023-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T15:24:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"NFV-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"NFV-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.src",
"RT-8.9.0.GA:kernel-rt-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-core-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-devel-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-kvm-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64",
"RT-8.9.0.GA:kernel-rt-modules-extra-0:4.18.0-513.5.1.rt7.307.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: r592: race condition leading to use-after-free in r592_remove()"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.