Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:4823
HistoryJul 24, 2024 - 12:40 p.m.

(RHSA-2024:4823) Important: kernel security update

2024-07-2412:40:38
access.redhat.com
10
kernel
security update
vmwgfx
nftables
uio
smb
intel
net
bluetooth
netfilter
hv_netvsc
ext4
net/sched
vfio/pci
dm
x86/xen
af_unix
scsi
squashfs
kvm
ipv6
drm/client
sched/psi
can
tcp
tls
linux operating system
race condition
information disclosure
double free
stack overflow
dos

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0

Percentile

16.3%

JSON

  • kernel: vmwgfx: multiple flaws (CVE-2022-36402, CVE-2022-40133, CVE-2022-38457, CVE-2023-5633)

  • kernel: nftables: (CVE-2024-26581)

  • kernel: uio: (CVE-2023-52439)

  • kernel: smb: (CVE-2023-52434)

  • kernel: intel: (CVE-2023-52450)

  • kernel: net: multiple flaws (CVE-2023-52578, CVE-2024-36978, CVE-2022-48743)

  • kernel: Bluetooth: (CVE-2023-52518)

  • kernel: netfilter: multiple flaws (CVE-2024-26668, CVE-2024-26808, CVE-2024-26925, CVE-2024-27020, CVE-2024-27019, CVE-2024-27016, CVE-2024-27065, CVE-2024-35899, CVE-2024-35897)

  • kernel: hv_netvsc: (CVE-2024-26698)

  • kernel: ext4: multiple flaws (CVE-2024-26704, CVE-2024-26773)

  • kernel: net/sched: (CVE-2024-26739)

  • kernel: vfio/pci: (CVE-2024-26810)

  • kernel: dm: (CVE-2024-26880)

  • kernel: x86/xen: (CVE-2024-26908)

  • kernel: af_unix: multiple flaws (CVE-2024-26923, CVE-2024-38596)

  • kernel: scsi: multiple flaws (CVE-2024-26931, CVE-2024-26929, CVE-2023-52811, CVE-2024-36025, CVE-2024-36924, CVE-2024-36952)

  • kernel: Squashfs: (CVE-2024-26982)

  • kernel: KVM: (CVE-2024-35791)

  • kernel: ipv6: (CVE-2024-27417)

  • kernel: drm/client: (CVE-2024-35950)

  • kernel: sched/psi: (CVE-2023-52707)

  • kernel: can: (CVE-2021-47459)

  • kernel: tcp: (CVE-2024-36904)

  • kernel: tls: (CVE-2024-36489)

  • The kernel packages contain the Linux kernel, the core of any Linux operating system.

  • Security Fix(es):

    • kernel: vmwgfx: race condition leading to information disclosure vulnerability (CVE-2023-33951,ZDI-23-707,ZDI-CAN-20110)
    • kernel: vmwgfx: double free within the handling of vmw_buffer_object objects (CVE-2023-33952,ZDI-23-708,ZDI-CAN-20292)
    • kernel: stack overflow problem in Open vSwitch kernel module leading to DoS (CVE-2024-1151)

  • For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9aarch64kernel-debug-devel< 5.14.0-284.75.1.el9_2kernel-debug-devel-5.14.0-284.75.1.el9_2.aarch64.rpm
RedHat9s390xbpftool-debuginfo< 7.0.0-284.75.1.el9_2bpftool-debuginfo-7.0.0-284.75.1.el9_2.s390x.rpm
RedHat9s390xkernel< 5.14.0-284.75.1.el9_2kernel-5.14.0-284.75.1.el9_2.s390x.rpm
RedHat9x86_64kernel-tools< 5.14.0-284.75.1.el9_2kernel-tools-5.14.0-284.75.1.el9_2.x86_64.rpm
RedHat9aarch64kernel-devel-matched< 5.14.0-284.75.1.el9_2kernel-devel-matched-5.14.0-284.75.1.el9_2.aarch64.rpm
RedHat9s390xkernel-zfcpdump-core< 5.14.0-284.75.1.el9_2kernel-zfcpdump-core-5.14.0-284.75.1.el9_2.s390x.rpm
RedHat9s390xkernel-devel-matched< 5.14.0-284.75.1.el9_2kernel-devel-matched-5.14.0-284.75.1.el9_2.s390x.rpm
RedHat9x86_64kernel-uki-virt< 5.14.0-284.75.1.el9_2kernel-uki-virt-5.14.0-284.75.1.el9_2.x86_64.rpm
RedHat9aarch64kernel-debuginfo< 5.14.0-284.75.1.el9_2kernel-debuginfo-5.14.0-284.75.1.el9_2.aarch64.rpm
RedHat9aarch64kernel-64k-modules< 5.14.0-284.75.1.el9_2kernel-64k-modules-5.14.0-284.75.1.el9_2.aarch64.rpm
Rows per page:
1-10 of 1461

Related

nessus 16
redhat 4
prion 8
vulnrichment 15
redhatcve 20
ubuntucve 21
nvd 22
debiancve 18
cvelist 22
cve 20
oraclelinux 1
osv 12
rocky 2
redos 1
cbl_mariner 15
zdi 1
cnvd 1
nessus
nessus
RHEL 9 : kernel (RHSA-2024:4823)
2024-07-24 00:00:00
RHEL 9 : kernel-rt (RHSA-2024:4831)
2024-07-24 00:00:00
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 27 for SLE 15 SP4) (SUSE-SU-2024:2823-1)
2024-08-09 00:00:00
redhat
redhat
(RHSA-2024:4831) Important: kernel-rt security update
2024-07-24 12:51:56
(RHSA-2024:4846) Moderate: OpenShift Container Platform 4.13.46 security update
2024-07-31 14:28:15
(RHSA-2024:4928) Moderate: kernel security update
2024-07-31 00:03:49
prion
prion
Double free
2023-10-23 22:15:00
Design/Logic Flaw
2024-03-02 22:15:00
Design/Logic Flaw
2022-09-09 15:15:00
vulnrichment
vulnrichment
CVE-2023-5633 Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
2023-10-23 21:58:59
CVE-2023-52707 sched/psi: Fix use-after-free in ep_remove_wait_queue()
2024-05-21 15:22:55
CVE-2021-47459 can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
2024-05-22 06:23:21
redhatcve
redhatcve
CVE-2023-5633
2023-10-23 14:01:09
CVE-2023-52518
2024-03-04 20:02:31
CVE-2024-26739
2024-04-04 01:52:47
ubuntucve
ubuntucve
CVE-2023-5633
2023-10-23 00:00:00
CVE-2023-52518
2024-03-02 00:00:00
CVE-2021-47459
2024-05-22 00:00:00
nvd
nvd
CVE-2023-5633
2023-10-23 22:15:09
CVE-2021-47459
2024-05-22 07:15:10
CVE-2024-27016
2024-05-01 06:15:20
debiancve
debiancve
CVE-2023-5633
2023-10-23 22:15:09
CVE-2022-40133
2022-09-09 15:15:15
CVE-2023-52518
2024-03-02 22:15:47
cvelist
cvelist
CVE-2023-5633 Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
2023-10-23 21:58:59
CVE-2023-52518 Bluetooth: hci_codec: Fix leaking content of local_codecs
2024-03-02 21:54:47
CVE-2021-47459 can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
2024-05-22 06:23:21
cve
cve
CVE-2023-5633
2023-10-23 22:15:09
CVE-2022-40133
2022-09-09 15:15:15
CVE-2023-52518
2024-03-02 22:15:47
oraclelinux
oraclelinux
kernel security update
2024-07-31 00:00:00
osv
osv
Moderate: kernel security update
2024-08-01 01:29:12
Moderate: kernel security update
2024-08-21 14:55:16
CVE-2021-47459
2024-05-22 07:15:00
rocky
rocky
kernel security update
2024-08-21 14:55:16
kernel security update
2024-08-01 01:29:12
redos
redos
ROS-20240821-01
2024-08-21 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-26908 affecting package kernel for versions less than 6.6.29.1-4
2024-06-21 09:32:44
CVE-2022-38457 affecting package kernel 5.15.164.1-1
2024-09-16 09:11:50
CVE-2024-26581 affecting package hyperv-daemons for versions less than 5.15.153.1-1
2024-04-09 20:48:36
zdi
zdi
Linux Kernel vmwgfx Driver Race Condition Information Disclosure Vulnerability
2023-05-17 00:00:00
cnvd
cnvd
Linux kernel input validation error vulnerability (CNVD-2022-69193)
2022-09-20 00:00:00

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0

Percentile

16.3%

JSON
Related for RHSA-2024:4823
nessus16redhat4prion8vulnrichment15redhatcve20ubuntucve21nvd22debiancve18cvelist22cve20oraclelinux1osv12rocky2redos1cbl_mariner15zdi1cnvd1