Vulnerability-Lookup

RHSA-2024_8614

Vulnerability from csaf_redhat - Published: 2024-10-30 00:15 - Updated: 2024-12-11 21:54

Summary

Red Hat Security Advisory: kernel-rt security update

Severity

Moderate

Notes

Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252) * hw: cpu: intel: Native Branch History Injection (BHI) (CVE-2024-2201) * kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489) * kernel: blk-mq: fix IO hang from sbitmap wakeup race (CVE-2024-26671) * kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats (CVE-2024-26686) * kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826) * kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del (CVE-2024-26961) * kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47384) * kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889) * kernel: ipv6: prevent possible NULL dereference in rt6_probe() (CVE-2024-40960) * kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (CVE-2024-40998) * kernel: filelock: fix potential use-after-free in posix_lock_inode (CVE-2024-41049) * kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055) * kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2021-47384

In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field If driver read tmp value sufficient for (tmp & 0x08) && (!(tmp & 0x80)) && ((tmp & 0x7) == ((tmp >> 4) & 0x7)) from device then Null pointer dereference occurs. (It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers) Also lm75[] does not serve a purpose anymore after switching to devm_i2c_new_dummy_device() in w83791d_detect_subclients(). The patch fixes possible NULL pointer dereference by removing lm75[]. Found by Linux Driver Verification project (linuxtesting.org). [groeck: Dropped unnecessary continuation lines, fixed multi-line alignments]

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. https://access.redhat.com/errata/RHSA-2024:8614

Workaround Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.

CVE-2023-1252

A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected.

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

CVE-2023-52489

A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. This may lead to compromised Availability.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2024-2201

A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information.

4.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-1423 - Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution

Workaround Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

CVE-2024-26671

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_queue_wake_up(), waitqueue_active() may not observe the added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime blk_mq_mark_tag_wait() can't get driver tag successfully. This issue can be reproduced by running the following test in loop, and fio hang can be observed in < 30min when running it on my test VM in laptop. modprobe -r scsi_debug modprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4 dev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename` fio --filename=/dev/"$dev" --direct=1 --rw=randrw --bs=4k --iodepth=1 \ --runtime=100 --numjobs=40 --time_based --name=test \ --ioengine=libaio Fix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which is just fine in case of running out of tag.

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2024-26686

A vulnerability was found in the do_task_stat() function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-413 - Improper Resource Locking

CVE-2024-26826

A flaw was found in the Linux kernel. A logical error in the Multipath TCP packet manager causes some packets intended for retransmission to be lost, resulting in a potential denial of service.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

CVE-2024-26961

A flaw was found in the Linux Kernel where resources are improperly managed in IEEE 802.15.4 networking, leading to a potential use-after-free issue, resulting in a denial of service.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-459 - Incomplete Cleanup

CVE-2024-36889

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snd_una: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005 Modules linked in: CPU: 1 PID: 38 Comm: kworker/1:1 Not tainted 6.9.0-rc1-gbbeac67456c9 #59 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014 Workqueue: events mptcp_worker RIP: 0010:__mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005 Code: be 06 01 00 00 bf 06 01 00 00 e8 a8 12 e7 fe e9 00 fe ff ff e8 8e 1a e7 fe 0f b7 ab 3e 02 00 00 e9 d3 fd ff ff e8 7d 1a e7 fe <0f> 0b 4c 8b bb e0 05 00 00 e9 74 fc ff ff e8 6a 1a e7 fe 0f 0b e9 RSP: 0018:ffffc9000013fd48 EFLAGS: 00010293 RAX: 0000000000000000 RBX: ffff8881029bd280 RCX: ffffffff82382fe4 RDX: ffff8881003cbd00 RSI: ffffffff823833c3 RDI: 0000000000000001 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888138ba8000 R13: 0000000000000106 R14: ffff8881029bd908 R15: ffff888126560000 FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f604a5dae38 CR3: 0000000101dac002 CR4: 0000000000170ef0 Call Trace: <TASK> __mptcp_clean_una_wakeup net/mptcp/protocol.c:1055 [inline] mptcp_clean_una_wakeup net/mptcp/protocol.c:1062 [inline] __mptcp_retrans+0x7f/0x7e0 net/mptcp/protocol.c:2615 mptcp_worker+0x434/0x740 net/mptcp/protocol.c:2767 process_one_work+0x1e0/0x560 kernel/workqueue.c:3254 process_scheduled_works kernel/workqueue.c:3335 [inline] worker_thread+0x3c7/0x640 kernel/workqueue.c:3416 kthread+0x121/0x170 kernel/kthread.c:388 ret_from_fork+0x44/0x50 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 </TASK> When fallback to TCP happens early on a client socket, snd_nxt is not yet initialized and any incoming ack will copy such value into snd_una. If the mptcp worker (dumbly) tries mptcp-level re-injection after such ack, that would unconditionally trigger a send buffer cleanup using 'bad' snd_una values. We could easily disable re-injection for fallback sockets, but such dumb behavior already helped catching a few subtle issues and a very low to zero impact in practice. Instead address the issue always initializing snd_nxt (and write_seq, for consistency) at connect time.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-665 - Improper Initialization

CVE-2024-40960

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL. [1] Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cb: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000658-0x000000000000065f] CPU: 1 PID: 22444 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00383-gb8481381d4e2 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 RIP: 0010:rt6_probe net/ipv6/route.c:656 [inline] RIP: 0010:find_match+0x8c4/0xf50 net/ipv6/route.c:758 Code: 14 fd f7 48 8b 85 38 ff ff ff 48 c7 45 b0 00 00 00 00 48 8d b8 5c 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 19 RSP: 0018:ffffc900034af070 EFLAGS: 00010203 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004521000 RDX: 00000000000000cb RSI: ffffffff8990d0cd RDI: 000000000000065c RBP: ffffc900034af150 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000002 R12: 000000000000000a R13: 1ffff92000695e18 R14: ffff8880244a1d20 R15: 0000000000000000 FS: 00007f4844a5a6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b31b27000 CR3: 000000002d42c000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> rt6_nh_find_match+0xfa/0x1a0 net/ipv6/route.c:784 nexthop_for_each_fib6_nh+0x26d/0x4a0 net/ipv4/nexthop.c:1496 __find_rr_leaf+0x6e7/0xe00 net/ipv6/route.c:825 find_rr_leaf net/ipv6/route.c:853 [inline] rt6_select net/ipv6/route.c:897 [inline] fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195 ip6_pol_route+0x1cd/0x1150 net/ipv6/route.c:2231 pol_lookup_func include/net/ip6_fib.h:616 [inline] fib6_rule_lookup+0x386/0x720 net/ipv6/fib6_rules.c:121 ip6_route_output_flags_noref net/ipv6/route.c:2639 [inline] ip6_route_output_flags+0x1d0/0x640 net/ipv6/route.c:2651 ip6_dst_lookup_tail.constprop.0+0x961/0x1760 net/ipv6/ip6_output.c:1147 ip6_dst_lookup_flow+0x99/0x1d0 net/ipv6/ip6_output.c:1250 rawv6_sendmsg+0xdab/0x4340 net/ipv6/raw.c:898 inet_sendmsg+0x119/0x140 net/ipv4/af_inet.c:853 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg net/socket.c:745 [inline] sock_write_iter+0x4b8/0x5c0 net/socket.c:1160 new_sync_write fs/read_write.c:497 [inline] vfs_write+0x6b6/0x1140 fs/read_write.c:590 ksys_write+0x1f8/0x260 fs/read_write.c:643 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Workaround Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

CVE-2024-40998

In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() In the following concurrency we will access the uninitialized rs->lock: ext4_fill_super ext4_register_sysfs // sysfs registered msg_ratelimit_interval_ms // Other processes modify rs->interval to // non-zero via msg_ratelimit_interval_ms ext4_orphan_cleanup ext4_msg(sb, KERN_INFO, "Errors on filesystem, " __ext4_msg ___ratelimit(&(EXT4_SB(sb)->s_msg_ratelimit_state) if (!rs->interval) // do nothing if interval is 0 return 1; raw_spin_trylock_irqsave(&rs->lock, flags) raw_spin_trylock(lock) _raw_spin_trylock __raw_spin_trylock spin_acquire(&lock->dep_map, 0, 1, _RET_IP_) lock_acquire __lock_acquire register_lock_class assign_lock_key dump_stack(); ratelimit_state_init(&sbi->s_msg_ratelimit_state, 5 * HZ, 10); raw_spin_lock_init(&rs->lock); // init rs->lock here and get the following dump_stack: ========================================================= INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. CPU: 12 PID: 753 Comm: mount Tainted: G E 6.7.0-rc6-next-20231222 #504 [...] Call Trace: dump_stack_lvl+0xc5/0x170 dump_stack+0x18/0x30 register_lock_class+0x740/0x7c0 __lock_acquire+0x69/0x13a0 lock_acquire+0x120/0x450 _raw_spin_trylock+0x98/0xd0 ___ratelimit+0xf6/0x220 __ext4_msg+0x7f/0x160 [ext4] ext4_orphan_cleanup+0x665/0x740 [ext4] __ext4_fill_super+0x21ea/0x2b10 [ext4] ext4_fill_super+0x14d/0x360 [ext4] [...] ========================================================= Normally interval is 0 until s_msg_ratelimit_state is initialized, so ___ratelimit() does nothing. But registering sysfs precedes initializing rs->lock, so it is possible to change rs->interval to a non-zero value via the msg_ratelimit_interval_ms interface of sysfs while rs->lock is uninitialized, and then a call to ext4_msg triggers the problem by accessing an uninitialized rs->lock. Therefore register sysfs after all initializations are complete to avoid such problems.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2024-41049

In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock. Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

CVE-2024-41055

In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid() Commit 5ec8e8ea8b77 ("mm/sparsemem: fix race in accessing memory_section->usage") changed pfn_section_valid() to add a READ_ONCE() call around "ms->usage" to fix a race with section_deactivate() where ms->usage can be cleared. The READ_ONCE() call, by itself, is not enough to prevent NULL pointer dereference. We need to check its value before dereferencing it.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

CVE-2024-42152

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler) and we need to release pending AERs, clear ctrl->sqs and sq->ctrl (for nvme-loop primarily), and drop the final reference on the ctrl. However, a small window is possible where nvmet_sq_destroy starts (as a result of the client giving up and disconnecting) concurrently with the nvme admin connect cmd (which may be in an early stage). But *before* kill_and_confirm of sq->ref (i.e. the admin connect managed to get an sq live reference). In this case, sq->ctrl was allocated however after it was captured in a local variable in nvmet_sq_destroy. This prevented the final reference drop on the ctrl. Solve this by re-capturing the sq->ctrl after all inflight request has completed, where for sure sq->ctrl reference is final, and move forward based on that. This issue was observed in an environment with many hosts connecting multiple ctrls simoutanuosly, creating a delay in allocating a ctrl leading up to this race window.

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

References

URL

Category

	https://access.redhat.com/errata/RHSA-2024:8614	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2176140	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2268118	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2269189	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2272811	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2273109	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2275604	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2278176	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2282356	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2284571	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2297544	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2297582	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2300422	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2300429	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2301519	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2021-47384	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2282356	external
	https://www.cve.org/CVERecord?id=CVE-2021-47384	external
	https://nvd.nist.gov/vuln/detail/CVE-2021-47384	external
	https://lore.kernel.org/linux-cve-announce/202405…	external
	https://access.redhat.com/security/cve/CVE-2023-1252	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2176140	external
	https://www.cve.org/CVERecord?id=CVE-2023-1252	external
	https://nvd.nist.gov/vuln/detail/CVE-2023-1252	external
	https://lore.kernel.org/lkml/20211115165433.44995…	external
	https://access.redhat.com/security/cve/CVE-2023-52489	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2269189	external
	https://www.cve.org/CVERecord?id=CVE-2023-52489	external
	https://nvd.nist.gov/vuln/detail/CVE-2023-52489	external
	https://lore.kernel.org/linux-cve-announce/202402…	external
	https://access.redhat.com/security/cve/CVE-2024-2201	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2268118	external
	https://www.cve.org/CVERecord?id=CVE-2024-2201	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-2201	external
	https://download.vusec.net/papers/inspectre_sec24.pdf	external
	https://www.intel.com/content/www/us/en/developer…	external
	https://www.openwall.com/lists/oss-security/2024/…	external
	https://www.vusec.net/projects/native-bhi/	external
	https://access.redhat.com/security/cve/CVE-2024-26671	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2272811	external
	https://www.cve.org/CVERecord?id=CVE-2024-26671	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-26671	external
	https://lore.kernel.org/linux-cve-announce/202404…	external
	https://access.redhat.com/security/cve/CVE-2024-26686	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2273109	external
	https://www.cve.org/CVERecord?id=CVE-2024-26686	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-26686	external
	https://lore.kernel.org/linux-cve-announce/202404…	external
	https://access.redhat.com/security/cve/CVE-2024-26826	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2275604	external
	https://www.cve.org/CVERecord?id=CVE-2024-26826	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-26826	external
	https://lore.kernel.org/linux-cve-announce/202404…	external
	https://access.redhat.com/security/cve/CVE-2024-26961	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2278176	external
	https://www.cve.org/CVERecord?id=CVE-2024-26961	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-26961	external
	https://lore.kernel.org/linux-cve-announce/202405…	external
	https://access.redhat.com/security/cve/CVE-2024-36889	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2284571	external
	https://www.cve.org/CVERecord?id=CVE-2024-36889	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-36889	external
	https://lore.kernel.org/linux-cve-announce/202405…	external
	https://access.redhat.com/security/cve/CVE-2024-40960	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2297544	external
	https://www.cve.org/CVERecord?id=CVE-2024-40960	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-40960	external
	https://lore.kernel.org/linux-cve-announce/202407…	external
	https://access.redhat.com/security/cve/CVE-2024-40998	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2297582	external
	https://www.cve.org/CVERecord?id=CVE-2024-40998	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-40998	external
	https://lore.kernel.org/linux-cve-announce/202407…	external
	https://access.redhat.com/security/cve/CVE-2024-41049	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2300422	external
	https://www.cve.org/CVERecord?id=CVE-2024-41049	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-41049	external
	https://lore.kernel.org/linux-cve-announce/202407…	external
	https://access.redhat.com/security/cve/CVE-2024-41055	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2300429	external
	https://www.cve.org/CVERecord?id=CVE-2024-41055	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-41055	external
	https://lore.kernel.org/linux-cve-announce/202407…	external
	https://access.redhat.com/security/cve/CVE-2024-42152	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2301519	external
	https://www.cve.org/CVERecord?id=CVE-2024-42152	external
	https://nvd.nist.gov/vuln/detail/CVE-2024-42152	external
	https://lore.kernel.org/linux-cve-announce/202407…	external

Acknowledgments

Google Project Zero Jann Horn

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)\n\n* hw: cpu: intel: Native Branch History Injection (BHI) (CVE-2024-2201)\n\n* kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage (CVE-2023-52489)\n\n* kernel: blk-mq: fix IO hang from sbitmap wakeup race (CVE-2024-26671)\n\n* kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats (CVE-2024-26686)\n\n* kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)\n\n* kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del (CVE-2024-26961)\n\n* kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47384)\n\n* kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)\n\n* kernel: ipv6: prevent possible NULL dereference in rt6_probe() (CVE-2024-40960)\n\n* kernel: ext4: fix uninitialized ratelimit_state-\u0026gt;lock access in __ext4_fill_super() (CVE-2024-40998)\n\n* kernel: filelock: fix potential use-after-free in posix_lock_inode (CVE-2024-41049)\n\n* kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)\n\n* kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:8614",
        "url": "https://access.redhat.com/errata/RHSA-2024:8614"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2176140",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
      },
      {
        "category": "external",
        "summary": "2268118",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268118"
      },
      {
        "category": "external",
        "summary": "2269189",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
      },
      {
        "category": "external",
        "summary": "2272811",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811"
      },
      {
        "category": "external",
        "summary": "2273109",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273109"
      },
      {
        "category": "external",
        "summary": "2275604",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275604"
      },
      {
        "category": "external",
        "summary": "2278176",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278176"
      },
      {
        "category": "external",
        "summary": "2282356",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282356"
      },
      {
        "category": "external",
        "summary": "2284571",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284571"
      },
      {
        "category": "external",
        "summary": "2297544",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297544"
      },
      {
        "category": "external",
        "summary": "2297582",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297582"
      },
      {
        "category": "external",
        "summary": "2300422",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300422"
      },
      {
        "category": "external",
        "summary": "2300429",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"
      },
      {
        "category": "external",
        "summary": "2301519",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301519"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8614.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security update",
    "tracking": {
      "current_release_date": "2024-12-11T21:54:02+00:00",
      "generator": {
        "date": "2024-12-11T21:54:02+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2024:8614",
      "initial_release_date": "2024-10-30T00:15:44+00:00",
      "revision_history": [
        {
          "date": "2024-10-30T00:15:44+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-10-30T00:15:44+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-11T21:54:02+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
                  "product_id": "RT-9.2.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
                  "product_id": "NFV-9.2.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
                "product": {
                  "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
                  "product_id": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.90.1.rt14.375.el9_2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
          "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
          "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-47384",
      "discovery_date": "2024-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2282356"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field\n\nIf driver read tmp value sufficient for\n(tmp \u0026 0x08) \u0026\u0026 (!(tmp \u0026 0x80)) \u0026\u0026 ((tmp \u0026 0x7) == ((tmp \u003e\u003e 4) \u0026 0x7))\nfrom device then Null pointer dereference occurs.\n(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)\nAlso lm75[] does not serve a purpose anymore after switching to\ndevm_i2c_new_dummy_device() in w83791d_detect_subclients().\n\nThe patch fixes possible NULL pointer dereference by removing lm75[].\n\nFound by Linux Driver Verification project (linuxtesting.org).\n\n[groeck: Dropped unnecessary continuation lines, fixed multi-line alignments]",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as a moderate severity because the impact is limited to system stability rather than unauthorized access or data exposure.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-47384"
        },
        {
          "category": "external",
          "summary": "RHBZ#2282356",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282356"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47384",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-47384"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47384",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47384"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47384-f311@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47384-f311@gregkh/T"
        }
      ],
      "release_date": "2024-05-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jann Horn"
          ],
          "organization": "Google Project Zero"
        }
      ],
      "cve": "CVE-2023-1252",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2023-03-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2176140"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 (\"ovl: fix use after free in struct ovl_aio_req\") not applied yet, the kernel could be affected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: ovl: fix use after free in struct ovl_aio_req",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is possibly only triggered if an Ext4 filesystem is mounted. Because of that fact, and because exploitation would require that an attacker was able to control how that filesystem interacted with an OverlayFS filesystem, Red Hat assesses the impact of this vulnerability as Medium.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-1252"
        },
        {
          "category": "external",
          "summary": "RHBZ#2176140",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-1252",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/",
          "url": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/"
        }
      ],
      "release_date": "2021-11-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: ovl: fix use after free in struct ovl_aio_req"
    },
    {
      "cve": "CVE-2023-52489",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "discovery_date": "2024-02-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269189"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. This may lead to compromised Availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-52489"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269189",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52489",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T",
          "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T"
        }
      ],
      "release_date": "2024-02-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage"
    },
    {
      "cve": "CVE-2024-2201",
      "cwe": {
        "id": "CWE-1423",
        "name": "Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution"
      },
      "discovery_date": "2023-11-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268118"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hw: cpu: intel: Native Branch History Injection (BHI)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat has very limited visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content and in most cases merely acts as a release vehicle between the third-party vendor and Red Hat customers with no possibility of influencing or even documenting the changes. Unless explicitly stated, the level of insight, oversight, and control Red Hat has does not meet the criteria required (in terms of Red Hat ownership of development processes, QA and documentation) for releasing this content as a RHSA. For more information please contact the binary content vendor.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-2201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268118",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268118"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2201"
        },
        {
          "category": "external",
          "summary": "https://download.vusec.net/papers/inspectre_sec24.pdf",
          "url": "https://download.vusec.net/papers/inspectre_sec24.pdf"
        },
        {
          "category": "external",
          "summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html#inpage-nav-8",
          "url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html#inpage-nav-8"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/04/09/15",
          "url": "https://www.openwall.com/lists/oss-security/2024/04/09/15"
        },
        {
          "category": "external",
          "summary": "https://www.vusec.net/projects/native-bhi/",
          "url": "https://www.vusec.net/projects/native-bhi/"
        }
      ],
      "release_date": "2024-04-09T04:30:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "hw: cpu: intel: Native Branch History Injection (BHI)"
    },
    {
      "cve": "CVE-2024-26671",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "discovery_date": "2024-04-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2272811"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n       \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n        \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: blk-mq: fix IO hang from sbitmap wakeup race",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is fixed in RHEL-9.4 and above (including RHEL 8.10)\n~~~\na7f97b4cae32 (in rhel-9.4, rhel-9.5) blk-mq: fix IO hang from sbitmap wakeup race \n098ab94a5112 (in rhel-8.10) blk-mq: fix IO hang from sbitmap wakeup race\n~~~\n\nPlease note that while RHEL-9 kernel-rt still appears as affected, it has been fixed in the same RHSA as RHEL-9 kernel. This is because from RHEL-9.3 onwards, the kernel and kernel-rt fixes are bundled together in a single errata.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-26671"
        },
        {
          "category": "external",
          "summary": "RHBZ#2272811",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26671",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T"
        }
      ],
      "release_date": "2024-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: blk-mq: fix IO hang from sbitmap wakeup race"
    },
    {
      "cve": "CVE-2024-26686",
      "cwe": {
        "id": "CWE-413",
        "name": "Improper Resource Locking"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273109"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the do_task_stat() function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-26686"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273109",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273109"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26686",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26686",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26686"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T"
        }
      ],
      "release_date": "2024-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats"
    },
    {
      "cve": "CVE-2024-26826",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2275604"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel. A logical error in the Multipath TCP packet manager causes some packets intended for retransmission to be lost, resulting in a potential denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mptcp: fix data re-injection from stale subflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-26826"
        },
        {
          "category": "external",
          "summary": "RHBZ#2275604",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275604"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26826",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26826",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26826"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024041703-CVE-2024-26826-b984@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024041703-CVE-2024-26826-b984@gregkh/T"
        }
      ],
      "release_date": "2024-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mptcp: fix data re-injection from stale subflow"
    },
    {
      "cve": "CVE-2024-26961",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-05-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278176"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux Kernel where resources are improperly managed in IEEE 802.15.4 networking, leading to a potential use-after-free issue, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-26961"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278176",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278176"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26961",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26961"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26961",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26961"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T"
        }
      ],
      "release_date": "2024-05-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del"
    },
    {
      "cve": "CVE-2024-36889",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "discovery_date": "2024-05-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2284571"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_nxt is properly initialized on connect\n\nChristoph reported a splat hinting at a corrupted snd_una:\n\n  WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n  Modules linked in:\n  CPU: 1 PID: 38 Comm: kworker/1:1 Not tainted 6.9.0-rc1-gbbeac67456c9 #59\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n  Workqueue: events mptcp_worker\n  RIP: 0010:__mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n  Code: be 06 01 00 00 bf 06 01 00 00 e8 a8 12 e7 fe e9 00 fe ff ff e8\n  \t8e 1a e7 fe 0f b7 ab 3e 02 00 00 e9 d3 fd ff ff e8 7d 1a e7 fe\n  \t\u003c0f\u003e 0b 4c 8b bb e0 05 00 00 e9 74 fc ff ff e8 6a 1a e7 fe 0f 0b e9\n  RSP: 0018:ffffc9000013fd48 EFLAGS: 00010293\n  RAX: 0000000000000000 RBX: ffff8881029bd280 RCX: ffffffff82382fe4\n  RDX: ffff8881003cbd00 RSI: ffffffff823833c3 RDI: 0000000000000001\n  RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\n  R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888138ba8000\n  R13: 0000000000000106 R14: ffff8881029bd908 R15: ffff888126560000\n  FS:  0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 00007f604a5dae38 CR3: 0000000101dac002 CR4: 0000000000170ef0\n  Call Trace:\n   \u003cTASK\u003e\n   __mptcp_clean_una_wakeup net/mptcp/protocol.c:1055 [inline]\n   mptcp_clean_una_wakeup net/mptcp/protocol.c:1062 [inline]\n   __mptcp_retrans+0x7f/0x7e0 net/mptcp/protocol.c:2615\n   mptcp_worker+0x434/0x740 net/mptcp/protocol.c:2767\n   process_one_work+0x1e0/0x560 kernel/workqueue.c:3254\n   process_scheduled_works kernel/workqueue.c:3335 [inline]\n   worker_thread+0x3c7/0x640 kernel/workqueue.c:3416\n   kthread+0x121/0x170 kernel/kthread.c:388\n   ret_from_fork+0x44/0x50 arch/x86/kernel/process.c:147\n   ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n   \u003c/TASK\u003e\n\nWhen fallback to TCP happens early on a client socket, snd_nxt\nis not yet initialized and any incoming ack will copy such value\ninto snd_una. If the mptcp worker (dumbly) tries mptcp-level\nre-injection after such ack, that would unconditionally trigger a send\nbuffer cleanup using \u0027bad\u0027 snd_una values.\n\nWe could easily disable re-injection for fallback sockets, but such\ndumb behavior already helped catching a few subtle issues and a very\nlow to zero impact in practice.\n\nInstead address the issue always initializing snd_nxt (and write_seq,\nfor consistency) at connect time.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mptcp: ensure snd_nxt is properly initialized on connect",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-36889"
        },
        {
          "category": "external",
          "summary": "RHBZ#2284571",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284571"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36889",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36889",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36889"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T"
        }
      ],
      "release_date": "2024-05-30T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mptcp: ensure snd_nxt is properly initialized on connect"
    },
    {
      "cve": "CVE-2024-40960",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2024-07-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297544"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible NULL dereference in rt6_probe()\n\nsyzbot caught a NULL dereference in rt6_probe() [1]\n\nBail out if  __in6_dev_get() returns NULL.\n\n[1]\nOops: general protection fault, probably for non-canonical address 0xdffffc00000000cb: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000658-0x000000000000065f]\nCPU: 1 PID: 22444 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00383-gb8481381d4e2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\n RIP: 0010:rt6_probe net/ipv6/route.c:656 [inline]\n RIP: 0010:find_match+0x8c4/0xf50 net/ipv6/route.c:758\nCode: 14 fd f7 48 8b 85 38 ff ff ff 48 c7 45 b0 00 00 00 00 48 8d b8 5c 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 19\nRSP: 0018:ffffc900034af070 EFLAGS: 00010203\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004521000\nRDX: 00000000000000cb RSI: ffffffff8990d0cd RDI: 000000000000065c\nRBP: ffffc900034af150 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000002 R12: 000000000000000a\nR13: 1ffff92000695e18 R14: ffff8880244a1d20 R15: 0000000000000000\nFS:  00007f4844a5a6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b31b27000 CR3: 000000002d42c000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n  rt6_nh_find_match+0xfa/0x1a0 net/ipv6/route.c:784\n  nexthop_for_each_fib6_nh+0x26d/0x4a0 net/ipv4/nexthop.c:1496\n  __find_rr_leaf+0x6e7/0xe00 net/ipv6/route.c:825\n  find_rr_leaf net/ipv6/route.c:853 [inline]\n  rt6_select net/ipv6/route.c:897 [inline]\n  fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195\n  ip6_pol_route+0x1cd/0x1150 net/ipv6/route.c:2231\n  pol_lookup_func include/net/ip6_fib.h:616 [inline]\n  fib6_rule_lookup+0x386/0x720 net/ipv6/fib6_rules.c:121\n  ip6_route_output_flags_noref net/ipv6/route.c:2639 [inline]\n  ip6_route_output_flags+0x1d0/0x640 net/ipv6/route.c:2651\n  ip6_dst_lookup_tail.constprop.0+0x961/0x1760 net/ipv6/ip6_output.c:1147\n  ip6_dst_lookup_flow+0x99/0x1d0 net/ipv6/ip6_output.c:1250\n  rawv6_sendmsg+0xdab/0x4340 net/ipv6/raw.c:898\n  inet_sendmsg+0x119/0x140 net/ipv4/af_inet.c:853\n  sock_sendmsg_nosec net/socket.c:730 [inline]\n  __sock_sendmsg net/socket.c:745 [inline]\n  sock_write_iter+0x4b8/0x5c0 net/socket.c:1160\n  new_sync_write fs/read_write.c:497 [inline]\n  vfs_write+0x6b6/0x1140 fs/read_write.c:590\n  ksys_write+0x1f8/0x260 fs/read_write.c:643\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: ipv6: prevent possible NULL dereference in rt6_probe()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-40960"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297544",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297544"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-40960",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-40960"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40960",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40960"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071225-CVE-2024-40960-d46f@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071225-CVE-2024-40960-d46f@gregkh/T"
        }
      ],
      "release_date": "2024-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: ipv6: prevent possible NULL dereference in rt6_probe()"
    },
    {
      "cve": "CVE-2024-40998",
      "discovery_date": "2024-07-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297582"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix uninitialized ratelimit_state-\u003elock access in __ext4_fill_super()\n\nIn the following concurrency we will access the uninitialized rs-\u003elock:\n\next4_fill_super\n  ext4_register_sysfs\n   // sysfs registered msg_ratelimit_interval_ms\n                             // Other processes modify rs-\u003einterval to\n                             // non-zero via msg_ratelimit_interval_ms\n  ext4_orphan_cleanup\n    ext4_msg(sb, KERN_INFO, \"Errors on filesystem, \"\n      __ext4_msg\n        ___ratelimit(\u0026(EXT4_SB(sb)-\u003es_msg_ratelimit_state)\n          if (!rs-\u003einterval)  // do nothing if interval is 0\n            return 1;\n          raw_spin_trylock_irqsave(\u0026rs-\u003elock, flags)\n            raw_spin_trylock(lock)\n              _raw_spin_trylock\n                __raw_spin_trylock\n                  spin_acquire(\u0026lock-\u003edep_map, 0, 1, _RET_IP_)\n                    lock_acquire\n                      __lock_acquire\n                        register_lock_class\n                          assign_lock_key\n                            dump_stack();\n  ratelimit_state_init(\u0026sbi-\u003es_msg_ratelimit_state, 5 * HZ, 10);\n    raw_spin_lock_init(\u0026rs-\u003elock);\n    // init rs-\u003elock here\n\nand get the following dump_stack:\n\n=========================================================\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 12 PID: 753 Comm: mount Tainted: G E 6.7.0-rc6-next-20231222 #504\n[...]\nCall Trace:\n dump_stack_lvl+0xc5/0x170\n dump_stack+0x18/0x30\n register_lock_class+0x740/0x7c0\n __lock_acquire+0x69/0x13a0\n lock_acquire+0x120/0x450\n _raw_spin_trylock+0x98/0xd0\n ___ratelimit+0xf6/0x220\n __ext4_msg+0x7f/0x160 [ext4]\n ext4_orphan_cleanup+0x665/0x740 [ext4]\n __ext4_fill_super+0x21ea/0x2b10 [ext4]\n ext4_fill_super+0x14d/0x360 [ext4]\n[...]\n=========================================================\n\nNormally interval is 0 until s_msg_ratelimit_state is initialized, so\n___ratelimit() does nothing. But registering sysfs precedes initializing\nrs-\u003elock, so it is possible to change rs-\u003einterval to a non-zero value\nvia the msg_ratelimit_interval_ms interface of sysfs while rs-\u003elock is\nuninitialized, and then a call to ext4_msg triggers the problem by\naccessing an uninitialized rs-\u003elock. Therefore register sysfs after all\ninitializations are complete to avoid such problems.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: ext4: fix uninitialized ratelimit_state-\u0026gt;lock access in __ext4_fill_super()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-40998"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297582",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297582"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-40998",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-40998"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40998",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40998"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071252-CVE-2024-40998-90d6@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071252-CVE-2024-40998-90d6@gregkh/T"
        }
      ],
      "release_date": "2024-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: ext4: fix uninitialized ratelimit_state-\u0026gt;lock access in __ext4_fill_super()"
    },
    {
      "cve": "CVE-2024-41049",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2024-07-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2300422"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilelock: fix potential use-after-free in posix_lock_inode\n\nLight Hsieh reported a KASAN UAF warning in trace_posix_lock_inode().\nThe request pointer had been changed earlier to point to a lock entry\nthat was added to the inode\u0027s list. However, before the tracepoint could\nfire, another task raced in and freed that lock.\n\nFix this by moving the tracepoint inside the spinlock, which should\nensure that this doesn\u0027t happen.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: filelock: fix potential use-after-free in posix_lock_inode",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-41049"
        },
        {
          "category": "external",
          "summary": "RHBZ#2300422",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300422"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41049",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-41049"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41049",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41049"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024072927-CVE-2024-41049-bf28@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024072927-CVE-2024-41049-bf28@gregkh/T"
        }
      ],
      "release_date": "2024-07-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: filelock: fix potential use-after-free in posix_lock_inode"
    },
    {
      "cve": "CVE-2024-41055",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2024-07-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2300429"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared.  The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference.  We need to check its value before\ndereferencing it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-41055"
        },
        {
          "category": "external",
          "summary": "RHBZ#2300429",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41055",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41055",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41055"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T"
        }
      ],
      "release_date": "2024-07-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()"
    },
    {
      "cve": "CVE-2024-42152",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "discovery_date": "2024-07-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2301519"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a possible leak when destroy a ctrl during qp establishment\n\nIn nvmet_sq_destroy we capture sq-\u003ectrl early and if it is non-NULL we\nknow that a ctrl was allocated (in the admin connect request handler)\nand we need to release pending AERs, clear ctrl-\u003esqs and sq-\u003ectrl\n(for nvme-loop primarily), and drop the final reference on the ctrl.\n\nHowever, a small window is possible where nvmet_sq_destroy starts (as\na result of the client giving up and disconnecting) concurrently with\nthe nvme admin connect cmd (which may be in an early stage). But *before*\nkill_and_confirm of sq-\u003eref (i.e. the admin connect managed to get an sq\nlive reference). In this case, sq-\u003ectrl was allocated however after it was\ncaptured in a local variable in nvmet_sq_destroy.\nThis prevented the final reference drop on the ctrl.\n\nSolve this by re-capturing the sq-\u003ectrl after all inflight request has\ncompleted, where for sure sq-\u003ectrl reference is final, and move forward\nbased on that.\n\nThis issue was observed in an environment with many hosts connecting\nmultiple ctrls simoutanuosly, creating a delay in allocating a ctrl\nleading up to this race window.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
          "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
          "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-42152"
        },
        {
          "category": "external",
          "summary": "RHBZ#2301519",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301519"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-42152",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-42152"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42152",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42152"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024073034-CVE-2024-42152-c248@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024073034-CVE-2024-42152-c248@gregkh/T"
        }
      ],
      "release_date": "2024-07-30T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-30T00:15:44+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8614"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
            "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
            "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment"
    }
  ]
}

CVE-2024-26686 (GCVE-0-2024-26686)

Vulnerability from cvelistv5 – Published: 2024-04-03 14:54 – Updated: 2026-01-05 10:34

Title

fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats

Summary

In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call do_task_stat() at the same time and the process has NR_THREADS, it will spin with irqs disabled O(NR_CPUS * NR_THREADS) time. Change do_task_stat() to use sig->stats_lock to gather the statistics outside of ->siglock protected section, in the likely case this code will run lockless.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/4fe85bdaabd63f8f8…
	https://git.kernel.org/stable/c/0c35d1914353799c5…
	https://git.kernel.org/stable/c/cf4b8c39b9a0bd81c…
	https://git.kernel.org/stable/c/3820b0fac7732a653…
	https://git.kernel.org/stable/c/27978243f165b44e3…
	https://git.kernel.org/stable/c/7601df8031fd67310…

Impacted products

Vendor

Product

Version

Action not permitted

RHSA-2024_8614

CVE-2024-26686 (GCVE-0-2024-26686)

CVE-2023-52489 (GCVE-0-2023-52489)

CVE-2021-47384 (GCVE-0-2021-47384)

CVE-2023-1252 (GCVE-0-2023-1252)

CVE-2024-26961 (GCVE-0-2024-26961)

CVE-2024-2201 (GCVE-0-2024-2201)

CVE-2024-41049 (GCVE-0-2024-41049)

CVE-2024-41055 (GCVE-0-2024-41055)

CVE-2024-26826 (GCVE-0-2024-26826)

CVE-2024-42152 (GCVE-0-2024-42152)

CVE-2024-40960 (GCVE-0-2024-40960)

CVE-2024-40998 (GCVE-0-2024-40998)

CVE-2024-36889 (GCVE-0-2024-36889)

CVE-2024-26671 (GCVE-0-2024-26671)

Tags

Sightings

Nomenclature