RHSA-2024_8158
Vulnerability from csaf_redhat - Published: 2024-10-16 00:12 - Updated: 2024-12-04 07:30Summary
Red Hat Security Advisory: kernel-rt security update
Severity
Moderate
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)
* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)
* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)
* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)
* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)
* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)
* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)
* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)
* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7)) from device then Null pointer dereference occurs. (It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers) Also lm75[] does not serve a purpose anymore after switching to devm_i2c_new_dummy_device() in w83791d_detect_subclients(). The patch fixes possible NULL pointer dereference by removing lm75[]. Found by Linux Driver Verification project (linuxtesting.org). [groeck: Dropped unnecessary continuation lines, fixed multipline alignment]
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time different from (and potentially shorter than) the sum of entry intervals. We need one more restriction, which is that the cycle time itself must be larger than N * ETH_ZLEN bit times, where N is the number of schedule entries. This restriction needs to apply regardless of whether the cycle time came from the user or was the implicit, auto-calculated value, so we move the existing "cycle == 0" check outside the "if "(!new->cycle_time)" branch. This way covers both conditions and scenarios. Add a selftest which illustrates the issue triggered by syzbot.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial umount record in old xfsprogs versions. Later commit 0c771b99d6c9 ("xfs: clean up calculation of LR header blocks") cleaned up the log reover buffer calculation, but stoped using the fixed up h_size value to size the log recovery buffer, which can lead to an out of bounds access when the incorrect h_size does not come from the old mkfs tool, but a fuzzer. Fix this by open coding xlog_logrec_hblks and taking the fixed h_size into account for this calculation.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files Use strnlen() instead of strlen() on the algorithm and coefficient name string arrays in V1 wmfw files. In V1 wmfw files the name is a NUL-terminated string in a fixed-size array. cs_dsp should protect against overrunning the array if the NUL terminator is missing.
5.2 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: tx_buff[free_map[consumer_index]]->skb = new_skb; free_map[consumer_index] = IBMVNIC_INVALID_MAP; consumer_index ++; Where variable data looks like this: free_map == [4, IBMVNIC_INVALID_MAP, IBMVNIC_INVALID_MAP, 0, 3] consumer_index^ tx_buff == [skb=null, skb=<ptr>, skb=<ptr>, skb=null, skb=null] The driver has checks to ensure that free_map[consumer_index] pointed to a valid index but there was no check to ensure that this index pointed to an unused/null skb address. So, if, by some chance, our free_map and tx_buff lists become out of sync then we were previously risking an skb memory leak. This could then cause tcp congestion control to stop sending packets, eventually leading to ETIMEDOUT. Therefore, add a conditional to ensure that the skb address is null. If not then warn the user (because this is still a bug that should be patched) and free the old pointer to prevent memleak/tcp problems.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
Workaround
To mitigate this issue, prevent module ibmvnic from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A deadlock flaw was found in the Linux kernel’s pinctrl subsystem. This flaw allows a local user to crash the system.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
In the Linux kernel, the following vulnerability has been resolved: sched: act_ct: take care of padding in struct zones_ht_key Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zones_ht_key got a struct net pointer. Make sure rhashtable_lookup() is not using the padding bytes which are not initialized. BUG: KMSAN: uninit-value in rht_ptr_rcu include/linux/rhashtable.h:376 [inline] BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:607 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:646 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline] BUG: KMSAN: uninit-value in tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329 rht_ptr_rcu include/linux/rhashtable.h:376 [inline] __rhashtable_lookup include/linux/rhashtable.h:607 [inline] rhashtable_lookup include/linux/rhashtable.h:646 [inline] rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline] tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329 tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408 tcf_action_init_1+0x6cc/0xb30 net/sched/act_api.c:1425 tcf_action_init+0x458/0xf00 net/sched/act_api.c:1488 tcf_action_add net/sched/act_api.c:2061 [inline] tc_ctl_action+0x4be/0x19d0 net/sched/act_api.c:2118 rtnetlink_rcv_msg+0x12fc/0x1410 net/core/rtnetlink.c:6647 netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2550 rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6665 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:745 ____sys_sendmsg+0x877/0xb60 net/socket.c:2597 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2651 __sys_sendmsg net/socket.c:2680 [inline] __do_sys_sendmsg net/socket.c:2689 [inline] __se_sys_sendmsg net/socket.c:2687 [inline] __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2687 x64_sys_call+0x2dd6/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Local variable key created at: tcf_ct_flow_table_get+0x4a/0x2260 net/sched/act_ct.c:324 tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow access can occur in tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP media address.
7.3 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:8158
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)\n\n* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)\n\n* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)\n\n* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)\n\n* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)\n\n* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)\n\n* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)\n\n* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)\n\n* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8158",
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2270700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270700"
},
{
"category": "external",
"summary": "2282355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282355"
},
{
"category": "external",
"summary": "2293654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293654"
},
{
"category": "external",
"summary": "2296067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296067"
},
{
"category": "external",
"summary": "2300430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300430"
},
{
"category": "external",
"summary": "2300442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300442"
},
{
"category": "external",
"summary": "2300552",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300552"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8158.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2024-12-04T07:30:25+00:00",
"generator": {
"date": "2024-12-04T07:30:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:8158",
"initial_release_date": "2024-10-16T00:12:12+00:00",
"revision_history": [
{
"date": "2024-10-16T00:12:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-16T00:12:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-04T07:30:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.88.1.rt14.373.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.88.1.rt14.373.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47385",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2282355"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field\n\nIf driver read val value sufficient for\n(val \u0026 0x08) \u0026\u0026 (!(val \u0026 0x80)) \u0026\u0026 ((val \u0026 0x7) == ((val \u003e\u003e 4) \u0026 0x7))\nfrom device then Null pointer dereference occurs.\n(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)\nAlso lm75[] does not serve a purpose anymore after switching to\ndevm_i2c_new_dummy_device() in w83791d_detect_subclients().\n\nThe patch fixes possible NULL pointer dereference by removing lm75[].\n\nFound by Linux Driver Verification project (linuxtesting.org).\n\n[groeck: Dropped unnecessary continuation lines, fixed multipline alignment]",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as a moderate severity because it can cause crashes and operational disruptions, it does not expose sensitive information or allow unauthorized access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47385"
},
{
"category": "external",
"summary": "RHBZ#2282355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47385"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47385",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47385"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47385-a7e7@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47385-a7e7@gregkh/T"
}
],
"release_date": "2024-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field"
},
{
"cve": "CVE-2023-28746",
"cwe": {
"id": "CWE-1342",
"name": "Information Exposure through Microarchitectural State after Transient Execution"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270700"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in some Intel Atom Processor\u0027s microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Local information disclosure on Intel(R) Atom(R) processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28746"
},
{
"category": "external",
"summary": "RHBZ#2270700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270700"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28746",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28746"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html"
}
],
"release_date": "2024-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Local information disclosure on Intel(R) Atom(R) processors"
},
{
"cve": "CVE-2024-36244",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293654"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: extend minimum interval restriction to entire cycle too\n\nIt is possible for syzbot to side-step the restriction imposed by the\nblamed commit in the Fixes: tag, because the taprio UAPI permits a\ncycle-time different from (and potentially shorter than) the sum of\nentry intervals.\n\nWe need one more restriction, which is that the cycle time itself must\nbe larger than N * ETH_ZLEN bit times, where N is the number of schedule\nentries. This restriction needs to apply regardless of whether the cycle\ntime came from the user or was the implicit, auto-calculated value, so\nwe move the existing \"cycle == 0\" check outside the \"if \"(!new-\u003ecycle_time)\"\nbranch. This way covers both conditions and scenarios.\n\nAdd a selftest which illustrates the issue triggered by syzbot.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-36244"
},
{
"category": "external",
"summary": "RHBZ#2293654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-36244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36244"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-36244-f88f@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-36244-f88f@gregkh/T"
}
],
"release_date": "2024-06-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too"
},
{
"cve": "CVE-2024-39472",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2296067"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix log recovery buffer allocation for the legacy h_size fixup\n\nCommit a70f9fe52daa (\"xfs: detect and handle invalid iclog size set by\nmkfs\") added a fixup for incorrect h_size values used for the initial\numount record in old xfsprogs versions. Later commit 0c771b99d6c9\n(\"xfs: clean up calculation of LR header blocks\") cleaned up the log\nreover buffer calculation, but stoped using the fixed up h_size value\nto size the log recovery buffer, which can lead to an out of bounds\naccess when the incorrect h_size does not come from the old mkfs\ntool, but a fuzzer.\n\nFix this by open coding xlog_logrec_hblks and taking the fixed h_size\ninto account for this calculation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39472"
},
{
"category": "external",
"summary": "RHBZ#2296067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39472"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39472",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39472"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024070512-CVE-2024-39472-f977@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024070512-CVE-2024-39472-f977@gregkh/T"
}
],
"release_date": "2024-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup"
},
{
"cve": "CVE-2024-41056",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300430"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files\n\nUse strnlen() instead of strlen() on the algorithm and coefficient name\nstring arrays in V1 wmfw files.\n\nIn V1 wmfw files the name is a NUL-terminated string in a fixed-size\narray. cs_dsp should protect against overrunning the array if the NUL\nterminator is missing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41056"
},
{
"category": "external",
"summary": "RHBZ#2300430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41056"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072930-CVE-2024-41056-c324@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072930-CVE-2024-41056-c324@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files"
},
{
"cve": "CVE-2024-41066",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300442"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Add tx check to prevent skb leak\n\nBelow is a summary of how the driver stores a reference to an skb during\ntransmit:\n tx_buff[free_map[consumer_index]]-\u003eskb = new_skb;\n free_map[consumer_index] = IBMVNIC_INVALID_MAP;\n consumer_index ++;\nWhere variable data looks like this:\n free_map == [4, IBMVNIC_INVALID_MAP, IBMVNIC_INVALID_MAP, 0, 3]\n \tconsumer_index^\n tx_buff == [skb=null, skb=\u003cptr\u003e, skb=\u003cptr\u003e, skb=null, skb=null]\n\nThe driver has checks to ensure that free_map[consumer_index] pointed to\na valid index but there was no check to ensure that this index pointed\nto an unused/null skb address. So, if, by some chance, our free_map and\ntx_buff lists become out of sync then we were previously risking an\nskb memory leak. This could then cause tcp congestion control to stop\nsending packets, eventually leading to ETIMEDOUT.\n\nTherefore, add a conditional to ensure that the skb address is null. If\nnot then warn the user (because this is still a bug that should be\npatched) and free the old pointer to prevent memleak/tcp problems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ibmvnic: Add tx check to prevent skb leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41066"
},
{
"category": "external",
"summary": "RHBZ#2300442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41066",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41066"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072907-CVE-2024-41066-0a52@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072907-CVE-2024-41066-0a52@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module ibmvnic from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: ibmvnic: Add tx check to prevent skb leak"
},
{
"cve": "CVE-2024-42090",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300552"
}
],
"notes": [
{
"category": "description",
"text": "A deadlock flaw was found in the Linux kernel\u2019s pinctrl subsystem. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No known reproducer for this issue. It can happen due to some complex preconditions and in-error path handling.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42090"
},
{
"category": "external",
"summary": "RHBZ#2300552",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300552"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42090"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42090",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42090"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072946-CVE-2024-42090-5687@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072946-CVE-2024-42090-5687@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER"
},
{
"cve": "CVE-2024-42272",
"discovery_date": "2024-08-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305417"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: act_ct: take care of padding in struct zones_ht_key\n\nBlamed commit increased lookup key size from 2 bytes to 16 bytes,\nbecause zones_ht_key got a struct net pointer.\n\nMake sure rhashtable_lookup() is not using the padding bytes\nwhich are not initialized.\n\n BUG: KMSAN: uninit-value in rht_ptr_rcu include/linux/rhashtable.h:376 [inline]\n BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:607 [inline]\n BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KMSAN: uninit-value in rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n BUG: KMSAN: uninit-value in tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329\n rht_ptr_rcu include/linux/rhashtable.h:376 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:607 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n tcf_ct_flow_table_get+0x611/0x2260 net/sched/act_ct.c:329\n tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408\n tcf_action_init_1+0x6cc/0xb30 net/sched/act_api.c:1425\n tcf_action_init+0x458/0xf00 net/sched/act_api.c:1488\n tcf_action_add net/sched/act_api.c:2061 [inline]\n tc_ctl_action+0x4be/0x19d0 net/sched/act_api.c:2118\n rtnetlink_rcv_msg+0x12fc/0x1410 net/core/rtnetlink.c:6647\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2550\n rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6665\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2597\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2651\n __sys_sendmsg net/socket.c:2680 [inline]\n __do_sys_sendmsg net/socket.c:2689 [inline]\n __se_sys_sendmsg net/socket.c:2687 [inline]\n __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2687\n x64_sys_call+0x2dd6/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nLocal variable key created at:\n tcf_ct_flow_table_get+0x4a/0x2260 net/sched/act_ct.c:324\n tcf_ct_init+0xa67/0x2890 net/sched/act_ct.c:1408",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sched: act_ct: take care of padding in struct zones_ht_key",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 7 and 8 are not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42272"
},
{
"category": "external",
"summary": "RHBZ#2305417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305417"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42272"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42272",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42272"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024081739-CVE-2024-42272-c687@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024081739-CVE-2024-42272-c687@gregkh/T"
}
],
"release_date": "2024-08-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sched: act_ct: take care of padding in struct zones_ht_key"
},
{
"cve": "CVE-2024-42284",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2024-08-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305429"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Return non-zero value from tipc_udp_addr2str() on error\n\ntipc_udp_addr2str() should return non-zero value if the UDP media\naddress is invalid. Otherwise, a buffer overflow access can occur in\ntipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP\nmedia address.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42284"
},
{
"category": "external",
"summary": "RHBZ#2305429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42284"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024081743-CVE-2024-42284-bbfa@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024081743-CVE-2024-42284-bbfa@gregkh/T"
}
],
"release_date": "2024-08-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-16T00:12:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8158"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.88.1.rt14.373.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…