Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:5067
HistoryAug 07, 2024 - 12:06 a.m.

(RHSA-2024:5067) Moderate: kernel-rt security update

2024-08-0700:06:24
access.redhat.com
8
real time linux kernel
determinism requirements
null pointer dereference
user-after-free
cve fixes

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

16.8%

JSON

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458)

  • kernel: ext4: regenerate buddy after block freeing failed if under fc replay (CVE-2024-26601)

  • kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop] (CVE-2023-52635)

  • kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737)

  • kernel: bnxt: prevent skb UAF after handing over to PTP worker (CVE-2022-48637)

  • kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses (CVE-2024-26947)

  • kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer (CVE-2024-26930)

  • kernel: nouveau: lock the client object tree. (CVE-2024-27062)

  • kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030)

  • kernel: vt: fix unicode buffer corruption when deleting characters (CVE-2024-35823)

  • kernel: netfilter: validate user input for expected length (CVE-2024-35896)

  • kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885)

  • kernel: netfilter: complete validation of user input (CVE-2024-35962)

  • kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809)

  • kernel: i40e: fix vf may be used uninitialized in this function warning (CVE-2024-36020)

  • kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CVE-2024-36017)

  • kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs (CVE-2024-36929)

  • kernel: drm/vmwgfx: Fix invalid reads in fence signaled events (CVE-2024-36960)

  • kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (CVE-2024-33621)

  • kernel: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (CVE-2024-38384)

  • kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)

  • kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9x86_64kernel-rt-debug-modules-extra< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-debug-modules-extra-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-modules-core< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-modules-core-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-debug-modules-core< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-debug-modules-core-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-debug-debuginfo< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-debug-debuginfo-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-modules-extra< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-modules-extra-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-debug< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-debug-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-debuginfo< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-debuginfo-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-core< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-core-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
RedHat9x86_64kernel-rt-modules< 5.14.0-284.77.1.rt14.362.el9_2kernel-rt-modules-5.14.0-284.77.1.rt14.362.el9_2.x86_64.rpm
Rows per page:
1-10 of 171

Related

nessus 10
redhat 4
vulnrichment 22
cvelist 22
ubuntucve 22
redhatcve 22
nvd 22
osv 20
cve 22
debiancve 22
rocky 2
cbl_mariner 5
oraclelinux 1
prion 2
photon 1
nessus
nessus
RHEL 9 : kernel-rt (RHSA-2024:5067)
2024-08-07 00:00:00
RHEL 9 : kernel (RHSA-2024:5066)
2024-08-07 00:00:00
Oracle Linux 9 : kernel (ELSA-2024-4928)
2024-08-01 00:00:00
redhat
redhat
(RHSA-2024:5066) Moderate: kernel security update
2024-08-07 00:05:55
(RHSA-2024:5433) Important: OpenShift Container Platform 4.14.35 security update
2024-08-22 11:36:51
(RHSA-2024:4928) Moderate: kernel security update
2024-07-31 00:03:49
vulnrichment
vulnrichment
CVE-2022-48637 bnxt: prevent skb UAF after handing over to PTP worker
2024-04-28 12:59:33
CVE-2024-38384 blk-cgroup: fix list corruption from reorder of WRITE ->lqueued
2024-06-24 13:50:51
CVE-2024-27062 nouveau: lock the client object tree.
2024-05-01 13:00:21
cvelist
cvelist
CVE-2024-38384 blk-cgroup: fix list corruption from reorder of WRITE ->lqueued
2024-06-24 13:50:51
CVE-2024-27062 nouveau: lock the client object tree.
2024-05-01 13:00:21
CVE-2022-48637 bnxt: prevent skb UAF after handing over to PTP worker
2024-04-28 12:59:33
ubuntucve
ubuntucve
CVE-2023-52885
2024-07-14 00:00:00
CVE-2024-27062
2024-05-01 00:00:00
CVE-2024-38384
2024-06-24 00:00:00
redhatcve
redhatcve
CVE-2023-52885
2024-07-15 14:37:33
CVE-2024-27062
2024-05-01 20:24:43
CVE-2024-38384
2024-06-25 13:52:23
nvd
nvd
CVE-2024-38384
2024-06-24 14:15:12
CVE-2022-48637
2024-04-28 13:15:06
CVE-2024-27062
2024-05-01 13:15:50
osv
osv
CVE-2024-38384
2024-06-24 14:15:00
CVE-2022-48637
2024-04-28 13:15:00
CVE-2024-27062
2024-05-01 13:15:00
cve
cve
CVE-2024-38384
2024-06-24 14:15:12
CVE-2022-48637
2024-04-28 13:15:06
CVE-2024-27062
2024-05-01 13:15:50
debiancve
debiancve
CVE-2022-48637
2024-04-28 13:15:06
CVE-2024-35962
2024-05-20 10:15:11
CVE-2023-52885
2024-07-14 08:15:01
rocky
rocky
kernel security update
2024-08-21 14:55:16
kernel security update
2024-08-01 01:29:12
cbl_mariner
cbl_mariner
CVE-2024-26947 affecting package hyperv-daemons for versions less than 6.6.35.1-1
2024-07-23 02:21:02
CVE-2024-26947 affecting package hyperv-daemons for versions less than 5.15.158.2-1
2024-06-12 22:23:00
CVE-2024-27030 affecting package hyperv-daemons for versions less than 6.6.35.1-1
2024-07-23 02:21:02
oraclelinux
oraclelinux
kernel security update
2024-07-31 00:00:00
prion
prion
Spoofing
2024-02-26 16:27:00
Null pointer dereference
2024-02-23 15:15:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-3.0-0745
2024-04-02 00:00:00

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

16.8%

JSON
Related for RHSA-2024:5067
nessus10redhat4vulnrichment22cvelist22ubuntucve22redhatcve22nvd22osv20cve22debiancve22rocky2cbl_mariner5oraclelinux1prion2photon1