CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.6%
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
kernel: tun: double free in tun_free_netdev (CVE-2022-4744)
kernel: net/sched: cls_u32 component reference counter leak (CVE-2023-3609)
kernel: net/sched: sch_qfq vulnerability (CVE-2023-3611)
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)
kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)
kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)
kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
kernel: use-after-free and info leak in l2cap_conn_del and l2cap_parse_conf_req (CVE-2022-3640, CVE-2022-42895)
kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)
kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)
hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)
kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)
kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)
kernel: speculative pointer dereference in do_prlimit in kernel/sys.c (CVE-2023-0458)
kernel: use-after-free in qdisc_graft (CVE-2023-0590)
kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)
kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)
kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)
kernel: hid: Use After Free in asus_remove (CVE-2023-1079)
kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)
kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)
kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)
kernel: denial of service in tipc_conn_close (CVE-2023-1382)
kernel: Use after free bug in btsdio_remove (CVE-2023-1989)
kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)
kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)
kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)
kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)
kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)
kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (CVE-2023-4732)
Kernel: denial of service in atm_tc_enqueue (CVE-2023-23455)
kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)
kernel: Denial of service issue in az6027 driver (CVE-2023-28328)
kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)
kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)
kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)
kernel: saa7134: race condition in saa7134_finidev (CVE-2023-35823)
kernel: dm1105: race condition in dm1105_remove.c (CVE-2023-35824)
kernel: r592: race condition in r592_remove (CVE-2023-35825)
kernel: net/tls: tls_is_tx_ready checked list_entry (CVE-2023-1075)
kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)
kernel: Use after free in r592_remove (CVE-2023-3141)
kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)
For more details about the security issue(s), refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.6%