rhsa-2024_5282
Vulnerability from csaf_redhat
Published
2024-08-13 14:30
Modified
2024-11-24 18:03
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
* kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)
* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)
* kernel: NFSD: Fix the behavior of READ near OFFSET_MAX (CVE-2022-48827)
* kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)
* kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (CVE-2022-48829)
Bug Fix(es):
* kernel-rt: update RT source tree to the latest RHEL-8.4.z Batch 27 (JIRA:RHEL-50526)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)\n\n* kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)\n\n* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)\n\n* kernel: NFSD: Fix the behavior of READ near OFFSET_MAX (CVE-2022-48827)\n\n* kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)\n\n* kernel: NFSD: Fix NFSv3 SETATTR/CREATE\u0026#39;s handling of large file sizes (CVE-2022-48829)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-8.4.z Batch 27 (JIRA:RHEL-50526)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:5282", "url": "https://access.redhat.com/errata/RHSA-2024:5282" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2281949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281949" }, { "category": "external", "summary": "2292331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331" }, { "category": "external", "summary": "2297474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474" }, { "category": "external", "summary": "2298166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298166" }, { "category": "external", "summary": "2298167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298167" }, { "category": "external", "summary": "2298168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298168" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5282.json" } ], "title": "Red Hat Security Advisory: kernel-rt security update", "tracking": { "current_release_date": "2024-11-24T18:03:14+00:00", "generator": { "date": "2024-11-24T18:03:14+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:5282", "initial_release_date": "2024-08-13T14:30:30+00:00", "revision_history": [ { "date": "2024-08-13T14:30:30+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-08-13T14:30:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-24T18:03:14+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux NFV TUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_tus:8.4::nfv" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux RT TUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_tus:8.4::realtime" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "product": { "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "product_id": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.138.1.rt7.214.el8_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src" }, "product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)", "product_id": "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src" }, "product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)", "product_id": "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.TUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-48827", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298166" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s NFSD, where improper handling of read requests near the maximum offset can lead to an integer overflow. When a client attempts to read from a near-maximum offset, it causes the server to return an invalid NFS error, resulting in indefinite retries by the client. This behavior can disrupt file access and stability in networked environments.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NFSD: Fix the behavior of READ near OFFSET_MAX", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48827" }, { "category": "external", "summary": "RHBZ#2298166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298166" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48827", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48827" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48827", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48827" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48827-f95b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48827-f95b@gregkh/T" } ], "release_date": "2024-07-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-13T14:30:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5282" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: NFSD: Fix the behavior of READ near OFFSET_MAX" }, { "cve": "CVE-2022-48828", "discovery_date": "2024-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298167" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix ia_size underflow\n\niattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and\nNFSv4 both define file size as an unsigned 64-bit type. Thus there\nis a range of valid file size values an NFS client can send that is\nalready larger than Linux can handle.\n\nCurrently decode_fattr4() dumps a full u64 value into ia_size. If\nthat value happens to be larger than S64_MAX, then ia_size\nunderflows. I\u0027m about to fix up the NFSv3 behavior as well, so let\u0027s\ncatch the underflow in the common code path: nfsd_setattr().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NFSD: Fix ia_size underflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48828" }, { "category": "external", "summary": "RHBZ#2298167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48828", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48828" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48828", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48828" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48828-97cb@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48828-97cb@gregkh/T" } ], "release_date": "2024-07-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-13T14:30:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5282" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: NFSD: Fix ia_size underflow" }, { "cve": "CVE-2022-48829", "cwe": { "id": "CWE-253", "name": "Incorrect Check of Function Return Value" }, "discovery_date": "2024-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298168" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix NFSv3 SETATTR/CREATE\u0027s handling of large file sizes\n\niattr::ia_size is a loff_t, so these NFSv3 procedures must be\ncareful to deal with incoming client size values that are larger\nthan s64_max without corrupting the value.\n\nSilently capping the value results in storing a different value\nthan the client passed in which is unexpected behavior, so remove\nthe min_t() check in decode_sattr3().\n\nNote that RFC 1813 permits only the WRITE procedure to return\nNFS3ERR_FBIG. We believe that NFSv3 reference implementations\nalso return NFS3ERR_FBIG when ia_size is too large.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NFSD: Fix NFSv3 SETATTR/CREATE\u0026#39;s handling of large file sizes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48829" }, { "category": "external", "summary": "RHBZ#2298168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48829", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48829" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48829", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48829" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48829-2145@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48829-2145@gregkh/T" } ], "release_date": "2024-07-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-13T14:30:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5282" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: NFSD: Fix NFSv3 SETATTR/CREATE\u0026#39;s handling of large file sizes" }, { "cve": "CVE-2024-36005", "discovery_date": "2024-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281949" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: honor table dormant flag from netdev release event path\n\nCheck for table dormant flag otherwise netdev release event path tries\nto unregister an already unregistered hook.\n\n[524854.857999] ------------[ cut here ]------------\n[524854.858010] WARNING: CPU: 0 PID: 3386599 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[524854.858848] CPU: 0 PID: 3386599 Comm: kworker/u32:2 Not tainted 6.9.0-rc3+ #365\n[524854.858869] Workqueue: netns cleanup_net\n[524854.858886] RIP: 0010:__nf_unregister_net_hook+0x21a/0x260\n[524854.858903] Code: 24 e8 aa 73 83 ff 48 63 43 1c 83 f8 01 0f 85 3d ff ff ff e8 98 d1 f0 ff 48 8b 3c 24 e8 8f 73 83 ff 48 63 43 1c e9 26 ff ff ff \u003c0f\u003e 0b 48 83 c4 18 48 c7 c7 00 68 e9 82 5b 5d 41 5c 41 5d 41 5e 41\n[524854.858914] RSP: 0018:ffff8881e36d79e0 EFLAGS: 00010246\n[524854.858926] RAX: 0000000000000000 RBX: ffff8881339ae790 RCX: ffffffff81ba524a\n[524854.858936] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881c8a16438\n[524854.858945] RBP: ffff8881c8a16438 R08: 0000000000000001 R09: ffffed103c6daf34\n[524854.858954] R10: ffff8881e36d79a7 R11: 0000000000000000 R12: 0000000000000005\n[524854.858962] R13: ffff8881c8a16000 R14: 0000000000000000 R15: ffff8881351b5a00\n[524854.858971] FS: 0000000000000000(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[524854.858982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[524854.858991] CR2: 00007fc9be0f16f4 CR3: 00000001437cc004 CR4: 00000000001706f0\n[524854.859000] Call Trace:\n[524854.859006] \u003cTASK\u003e\n[524854.859013] ? __warn+0x9f/0x1a0\n[524854.859027] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859044] ? report_bug+0x1b1/0x1e0\n[524854.859060] ? handle_bug+0x3c/0x70\n[524854.859071] ? exc_invalid_op+0x17/0x40\n[524854.859083] ? asm_exc_invalid_op+0x1a/0x20\n[524854.859100] ? __nf_unregister_net_hook+0x6a/0x260\n[524854.859116] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859135] nf_tables_netdev_event+0x337/0x390 [nf_tables]\n[524854.859304] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859461] ? packet_notifier+0xb3/0x360\n[524854.859476] ? _raw_spin_unlock_irqrestore+0x11/0x40\n[524854.859489] ? dcbnl_netdevice_event+0x35/0x140\n[524854.859507] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859661] notifier_call_chain+0x7d/0x140\n[524854.859677] unregister_netdevice_many_notify+0x5e1/0xae0", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36005" }, { "category": "external", "summary": "RHBZ#2281949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281949" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36005", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36005", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36005" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T" } ], "release_date": "2024-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-13T14:30:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5282" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path" }, { "cve": "CVE-2024-36971", "discovery_date": "2024-06-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2292331" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u0027s network route management. This flaw allows an attacker to alter the behavior of certain network connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: kernel: UAF in network route management", "title": "Vulnerability summary" }, { "category": "other", "text": "Environments which use third-party KABI modules may experience kernel crashes after applying errata for CVE-2024-36971. Contact your module vendor about an update. Until these third party modules can be fixed, you can prevent crashes by disabling them. This problem stems from modules which use the `negative_advice()` function.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36971" }, { "category": "external", "summary": "RHBZ#2292331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36971", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2024-06-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-13T14:30:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5282" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2024-08-07T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "kernel: net: kernel: UAF in network route management" }, { "cve": "CVE-2024-39502", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2297474" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nionic: fix use after netif_napi_del()\n\nWhen queues are started, netif_napi_add() and napi_enable() are called.\nIf there are 4 queues and only 3 queues are used for the current\nconfiguration, only 3 queues\u0027 napi should be registered and enabled.\nThe ionic_qcq_enable() checks whether the .poll pointer is not NULL for\nenabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be\nregistered by netif_napi_add(), so the .poll pointer indicates NULL.\nBut it couldn\u0027t distinguish whether the napi was unregistered or not\nbecause netif_napi_del() doesn\u0027t reset the .poll pointer to NULL.\nSo, ionic_qcq_enable() calls napi_enable() for the queue, which was\nunregistered by netif_napi_del().\n\nReproducer:\n ethtool -L \u003cinterface name\u003e rx 1 tx 1 combined 0\n ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 1\n ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 4\n\nSplat looks like:\nkernel BUG at net/core/dev.c:6666!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 1057 Comm: kworker/3:3 Not tainted 6.10.0-rc2+ #16\nWorkqueue: events ionic_lif_deferred_work [ionic]\nRIP: 0010:napi_enable+0x3b/0x40\nCode: 48 89 c2 48 83 e2 f6 80 b9 61 09 00 00 00 74 0d 48 83 bf 60 01 00 00 00 74 03 80 ce 01 f0 4f\nRSP: 0018:ffffb6ed83227d48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff97560cda0828 RCX: 0000000000000029\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff97560cda0a28\nRBP: ffffb6ed83227d50 R08: 0000000000000400 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000\nR13: ffff97560ce3c1a0 R14: 0000000000000000 R15: ffff975613ba0a20\nFS: 0000000000000000(0000) GS:ffff975d5f780000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8f734ee200 CR3: 0000000103e50000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die+0x33/0x90\n ? do_trap+0xd9/0x100\n ? napi_enable+0x3b/0x40\n ? do_error_trap+0x83/0xb0\n ? napi_enable+0x3b/0x40\n ? napi_enable+0x3b/0x40\n ? exc_invalid_op+0x4e/0x70\n ? napi_enable+0x3b/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? napi_enable+0x3b/0x40\n ionic_qcq_enable+0xb7/0x180 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_start_queues+0xc4/0x290 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_link_status_check+0x11c/0x170 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_lif_deferred_work+0x129/0x280 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n process_one_work+0x145/0x360\n worker_thread+0x2bb/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ionic: fix use after netif_napi_del()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39502" }, { "category": "external", "summary": "RHBZ#2297474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39502", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T" } ], "release_date": "2024-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-13T14:30:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5282" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src", "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64", "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ionic: fix use after netif_napi_del()" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.