rhsa-2024_9498
Vulnerability from csaf_redhat
Published
2024-11-13 00:14
Modified
2024-12-04 07:32
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)
* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)
* kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)
* kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (CVE-2024-26772)
* kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906)
* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)
* kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (CVE-2024-31076)
* kernel: mptcp: ensure snd_una is properly initialized on connect (CVE-2024-40931)
* kernel: firmware: cs_dsp: Fix overflow checking of wmfw header (CVE-2024-41039)
* kernel: net/iucv: fix use after free in iucv_sock_close() (CVE-2024-42271)
* kernel: mptcp: pm: Fix uaf in __timer_delete_sync (CVE-2024-46858)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)\n\n* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)\n\n* kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)\n\n* kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (CVE-2024-26772)\n\n* kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906)\n\n* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)\n\n* kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (CVE-2024-31076)\n\n* kernel: mptcp: ensure snd_una is properly initialized on connect (CVE-2024-40931)\n\n* kernel: firmware: cs_dsp: Fix overflow checking of wmfw header (CVE-2024-41039)\n\n* kernel: net/iucv: fix use after free in iucv_sock_close() (CVE-2024-42271)\n\n* kernel: mptcp: pm: Fix uaf in __timer_delete_sync (CVE-2024-46858)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:9498", "url": "https://access.redhat.com/errata/RHSA-2024:9498" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2267795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267795" }, { "category": "external", "summary": "2270100", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270100" }, { "category": "external", "summary": "2272692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272692" }, { "category": "external", "summary": "2273242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273242" }, { "category": "external", "summary": "2275635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275635" }, { "category": "external", "summary": "2275711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275711" }, { "category": "external", "summary": "2293684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293684" }, { "category": "external", "summary": "2297515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297515" }, { "category": "external", "summary": "2300408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300408" }, { "category": "external", "summary": "2315210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315210" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9498.json" } ], "title": "Red Hat Security Advisory: kernel-rt security update", "tracking": { "current_release_date": "2024-12-04T07:32:04+00:00", "generator": { "date": "2024-12-04T07:32:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:9498", "initial_release_date": "2024-11-13T00:14:10+00:00", "revision_history": [ { "date": "2024-11-13T00:14:10+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-11-13T00:14:10+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-04T07:32:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "product": { "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "product_id": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.92.1.rt14.377.el9_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.92.1.rt14.377.el9_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src" }, "product_reference": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src" }, "product_reference": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-52522", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267795" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel that allows for potential store tearing within the neigh_periodic_work() function, meaning a write operation on a value is not protected properly and could result in inconsistencies if another process or thread reads from that value before the operation is complete.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: fix possible store tearing in neigh_periodic_work()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52522" }, { "category": "external", "summary": "RHBZ#2267795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52522", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52522" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52522", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52522" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030253-CVE-2023-52522-6abd@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030253-CVE-2023-52522-6abd@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: fix possible store tearing in neigh_periodic_work()" }, { "cve": "CVE-2024-26640", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-03-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270100" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Linux Kernel where rx zerocopy feature allowed mapping of pages owned by the filesystem, leading to potential system panic which is caused by the lack of sanity checks to rx zerocopy. A local authenticated attacker could exploit this vulnerability to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tcp: add sanity checks to rx zerocopy", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26640" }, { "category": "external", "summary": "RHBZ#2270100", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270100" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26640", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26640" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26640", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26640" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/T" } ], "release_date": "2024-03-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tcp: add sanity checks to rx zerocopy" }, { "cve": "CVE-2024-26656", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272692" } ], "notes": [ { "category": "description", "text": "A failure flaw was found in the Linux kernel\u2019s AMDGPU driver in how a user sends ioctl with an invalid address and size when using the AMD GPU. This flaw allows a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/amdgpu: use-after-free vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26656" }, { "category": "external", "summary": "RHBZ#2272692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272692" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26656", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26656" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26656", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26656" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040247-CVE-2024-26656-ffaa@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040247-CVE-2024-26656-ffaa@gregkh/T" } ], "release_date": "2024-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/amdgpu: use-after-free vulnerability" }, { "cve": "CVE-2024-26772", "cwe": { "id": "CWE-229", "name": "Improper Handling of Values" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273242" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the ext4_mb_find_by_goal() function in the Linux kernel. This issue could lead to memory corruption or crashes due to the allocation of blocks from a group with a corrupted block bitmap.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26772" }, { "category": "external", "summary": "RHBZ#2273242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273242" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26772", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26772" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26772", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26772" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26772-5168@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26772-5168@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()" }, { "cve": "CVE-2024-26870", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275711" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. A system error can be reliably replicated with specific filesystem settings, allowing an attacker to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26870" }, { "category": "external", "summary": "RHBZ#2275711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275711" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26870", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26870" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26870", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26870" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26870-7aea@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26870-7aea@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102" }, { "cve": "CVE-2024-26906", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275635" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()\n\nWhen trying to use copy_from_kernel_nofault() to read vsyscall page\nthrough a bpf program, the following oops was reported:\n\n BUG: unable to handle page fault for address: ffffffffff600000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 3231067 P4D 3231067 PUD 3233067 PMD 3235067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 20390 Comm: test_progs ...... 6.7.0+ #58\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ......\n RIP: 0010:copy_from_kernel_nofault+0x6f/0x110\n ......\n Call Trace:\n \u003cTASK\u003e\n ? copy_from_kernel_nofault+0x6f/0x110\n bpf_probe_read_kernel+0x1d/0x50\n bpf_prog_2061065e56845f08_do_probe_read+0x51/0x8d\n trace_call_bpf+0xc5/0x1c0\n perf_call_bpf_enter.isra.0+0x69/0xb0\n perf_syscall_enter+0x13e/0x200\n syscall_trace_enter+0x188/0x1c0\n do_syscall_64+0xb5/0xe0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n \u003c/TASK\u003e\n ......\n ---[ end trace 0000000000000000 ]---\n\nThe oops is triggered when:\n\n1) A bpf program uses bpf_probe_read_kernel() to read from the vsyscall\npage and invokes copy_from_kernel_nofault() which in turn calls\n__get_user_asm().\n\n2) Because the vsyscall page address is not readable from kernel space,\na page fault exception is triggered accordingly.\n\n3) handle_page_fault() considers the vsyscall page address as a user\nspace address instead of a kernel space address. This results in the\nfix-up setup by bpf not being applied and a page_fault_oops() is invoked\ndue to SMAP.\n\nConsidering handle_page_fault() has already considered the vsyscall page\naddress as a userspace address, fix the problem by disallowing vsyscall\npage read for copy_from_kernel_nofault().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26906" }, { "category": "external", "summary": "RHBZ#2275635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275635" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26906", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26906" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041746-CVE-2024-26906-bb35@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041746-CVE-2024-26906-bb35@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()" }, { "cve": "CVE-2024-31076", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293684" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd-\u003emove_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU\u0027s vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd-\u003eprev_vector because the interrupt isn\u0027t currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn\u0027t reclaim apicd-\u003eprev_vector; instead, it simply resets both\napicd-\u003emove_in_progress and apicd-\u003eprev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd-\u003eprev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd-\u003emove_in_progress with apicd-\u003eprev_cpu pointing to an offline CPU.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-31076" }, { "category": "external", "summary": "RHBZ#2293684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293684" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-31076", "url": "https://www.cve.org/CVERecord?id=CVE-2024-31076" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31076", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31076" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-31076-786e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-31076-786e@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline" }, { "cve": "CVE-2024-40931", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2297515" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_una is properly initialized on connect\n\nThis is strictly related to commit fb7a0d334894 (\"mptcp: ensure snd_nxt\nis properly initialized on connect\"). It turns out that syzkaller can\ntrigger the retransmit after fallback and before processing any other\nincoming packet - so that snd_una is still left uninitialized.\n\nAddress the issue explicitly initializing snd_una together with snd_nxt\nand write_seq.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mptcp: ensure snd_una is properly initialized on connect", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-40931" }, { "category": "external", "summary": "RHBZ#2297515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297515" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-40931", "url": "https://www.cve.org/CVERecord?id=CVE-2024-40931" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40931", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40931" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071216-CVE-2024-40931-77b2@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071216-CVE-2024-40931-77b2@gregkh/T" } ], "release_date": "2024-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mptcp: ensure snd_una is properly initialized on connect" }, { "cve": "CVE-2024-41039", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2024-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2300408" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s firmware driver cs_dsp.c, where a buffer overflow is possible in the wmfw header due to insufficient buffer size checks. The issue stems from the size of one of the structs that the code checks, the wmfw_adsp?_sizes struct, which can vary depending on whether the firmware used is ADSP1 or ADSP2 and Halo Core. In the second case, the wmfw_adsp2_sizes struct is 4 bytes longer, which can cause a buffer overflow, potentially leading to undefined behavior in the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: firmware: cs_dsp: Fix overflow checking of wmfw header", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat believes this flaw to be of moderate severity because successful exploitation of this vulnerability would require elevated privileges to be able to access/modify the firmware loading mechanism. It also presents an elevated attack complexity given that the attacker requires knowledge of the Cirrus Logic DSP firmware to be able to craft special firmware to exploit the buffer overflow. Finally, depending on when the vulnerability is executed (ex. at boot time or during runtime) the impact on the system might change drastically; in one scenario it might cause a kernel crash in another just the audio driver might stop working.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41039" }, { "category": "external", "summary": "RHBZ#2300408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300408" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41039", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41039" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41039", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41039" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024072924-CVE-2024-41039-b3bc@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024072924-CVE-2024-41039-b3bc@gregkh/T" } ], "release_date": "2024-07-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: firmware: cs_dsp: Fix overflow checking of wmfw header" }, { "cve": "CVE-2024-42271", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-08-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2305416" } ], "notes": [ { "category": "description", "text": "A possible use-after-free vulnerability was found in the Linux kernel in iucv_sock_close(). This issue may lead to a crash or memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/iucv: fix use after free in iucv_sock_close()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-42271" }, { "category": "external", "summary": "RHBZ#2305416", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305416" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-42271", "url": "https://www.cve.org/CVERecord?id=CVE-2024-42271" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42271", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42271" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024081739-CVE-2024-42271-c501@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024081739-CVE-2024-42271-c501@gregkh/T" } ], "release_date": "2024-08-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/iucv: fix use after free in iucv_sock_close()" }, { "cve": "CVE-2024-46858", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-09-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2315210" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: Fix uaf in __timer_delete_sync\n\nThere are two paths to access mptcp_pm_del_add_timer, result in a race\ncondition:\n\n CPU1\t\t\t\tCPU2\n ==== ====\n net_rx_action\n napi_poll netlink_sendmsg\n __napi_poll netlink_unicast\n process_backlog netlink_unicast_kernel\n __netif_receive_skb genl_rcv\n __netif_receive_skb_one_core netlink_rcv_skb\n NF_HOOK genl_rcv_msg\n ip_local_deliver_finish genl_family_rcv_msg\n ip_protocol_deliver_rcu genl_family_rcv_msg_doit\n tcp_v4_rcv mptcp_pm_nl_flush_addrs_doit\n tcp_v4_do_rcv mptcp_nl_remove_addrs_list\n tcp_rcv_established mptcp_pm_remove_addrs_and_subflows\n tcp_data_queue remove_anno_list_by_saddr\n mptcp_incoming_options mptcp_pm_del_add_timer\n mptcp_pm_del_add_timer kfree(entry)\n\nIn remove_anno_list_by_saddr(running on CPU2), after leaving the critical\nzone protected by \"pm.lock\", the entry will be released, which leads to the\noccurrence of uaf in the mptcp_pm_del_add_timer(running on CPU1).\n\nKeeping a reference to add_timer inside the lock, and calling\nsk_stop_timer_sync() with this reference, instead of \"entry-\u003eadd_timer\".\n\nMove list_del(\u0026entry-\u003elist) to mptcp_pm_del_add_timer and inside the pm lock,\ndo not directly access any members of the entry outside the pm lock, which\ncan avoid similar \"entry-\u003ex\" uaf.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mptcp: pm: Fix uaf in __timer_delete_sync", "title": "Vulnerability summary" }, { "category": "other", "text": "Actual only for latest version of Red Hat Enterprise Linux 9 and latest version of Red Hat Enterprise Linux 8.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-46858" }, { "category": "external", "summary": "RHBZ#2315210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-46858", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46858" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-46858", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46858" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024092744-CVE-2024-46858-dab6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024092744-CVE-2024-46858-dab6@gregkh/T" } ], "release_date": "2024-09-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-13T00:14:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:9498" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.92.1.rt14.377.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mptcp: pm: Fix uaf in __timer_delete_sync" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.