10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
memcg does not limit the number of POSIX file locks allowing memory exhaustion (CVE-2022-0480)
vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)
use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)
nfp: use-after-free in area_cache_get() (CVE-2022-3545)
NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390)
out-of-bounds access in relay_file_read (CVE-2023-3268)
vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (CVE-2023-4459)
Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982,Downfall)
net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609)
fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)
Race Condition leading to UAF in Unix Socket could happen in sk_receive_queue ()
use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
use after free in unix_stream_sendpage (CVE-2023-4622)
bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (CVE-2023-2163)
A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child’s sibling_list (CVE-2023-5717)
ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
use-after-free in IPv4 IGMP (CVE-2023-6932)
GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546,ZDI-CAN-20527)
refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)
Bug Fix(es):
fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (JIRA:RHEL-1107)
out-of-bounds access in relay_file_read (JIRA:RHEL-1749)
vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (JIRA:RHEL-18085)
NULL pointer dereference in can_rcv_filter (JIRA:RHEL-19524)
update RT source tree to the latest RHEL-9.0.z Batch 15 (JIRA:RHEL-21555)
Gather Data Sampling (GDS) side channel vulnerability (JIRA:RHEL-9285)
A heap out-of-bounds write (JIRA:RHEL-18011)
Slab-out-of-bound read in compare_netdev_and_ip (JIRA:RHEL-19398)
A flaw leading to a use-after-free in area_cache_get() (JIRA:RHEL-19534)
Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (JIRA:RHEL-8980)
various flaws (JIRA:RHEL-16150)
refcount leak in ctnetlink_create_conntrack() (JIRA:RHEL-20311)
use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (JIRA:RHEL-20502)
ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (JIRA:RHEL-22095)
use-after-free in smb2_is_status_io_timeout() (JIRA:RHEL-15171)
use-after-free in IPv4 IGMP (JIRA:RHEL-21658)
memcg does not limit the number of POSIX file locks allowing memory exhaustion (JIRA:RHEL-8996)
GSM multiplexing race condition leads to privilege escalation (JIRA:RHEL-19968)
NULL pointer dereference in vmw_cmd_dx_define_query (JIRA:RHEL-22751)
kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier
(JIRA:RHEL-26381)
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%