Red Hat Product Errata RHSA-2024:2950 - Security Advisory
Issued:
2024-05-22
Updated:
2024-05-22

RHSA-2024:2950 - Security Advisory

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 1731000 - CVE-2019-13631 kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c
  • BZ - 1746732 - CVE-2019-15505 kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c
  • BZ - 1888726 - CVE-2020-25656 kernel: use-after-free in read in vt_do_kdgkb_ioctl
  • BZ - 1999589 - CVE-2021-3753 kernel: a race out-of-bound read in vt
  • BZ - 2039178 - CVE-2021-4204 kernel: improper input validation may lead to privilege escalation
  • BZ - 2043520 - CVE-2022-23222 kernel: local privileges escalation in kernel/bpf/verifier.c
  • BZ - 2044578 - CVE-2022-0500 kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges
  • BZ - 2150953 - CVE-2022-3565 kernel: use-after-free in l1oip timer handlers
  • BZ - 2151959 - CVE-2022-45934 kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c
  • BZ - 2177759 - CVE-2023-28464 Kernel: double free in hci_conn_cleanup of the bluetooth subsystem
  • BZ - 2179892 - CVE-2023-1513 kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems
  • BZ - 2213132 - CVE-2023-31083 kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl
  • BZ - 2218332 - CVE-2023-39198 kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()
  • BZ - 2219359 - CVE-2023-6176 kernel: local dos vulnerability in scatterwalk_copychunks
  • BZ - 2221039 - CVE-2023-37453 kernel: usb: out-of-bounds read in read_descriptors
  • BZ - 2221463 - CVE-2023-3567 kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race
  • BZ - 2221702 - CVE-2023-4133 kernel: cxgb4: use-after-free in ch_flower_stats_cb()
  • BZ - 2226777 - CVE-2023-39189 kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()
  • BZ - 2226784 - CVE-2023-39192 kernel: netfilter: xtables out-of-bounds read in u32_match_it()
  • BZ - 2226787 - CVE-2023-39193 kernel: netfilter: xtables sctp out-of-bounds read in match_flags()
  • BZ - 2226788 - CVE-2023-39194 kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match()
  • BZ - 2230042 - CVE-2023-38409 kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment
  • BZ - 2231410 - CVE-2023-25775 kernel: irdma: Improper access control
  • BZ - 2235306 - CVE-2023-4244 kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction
  • BZ - 2239845 - CVE-2023-42754 kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach()
  • BZ - 2239847 - CVE-2023-42755 kernel: rsvp: out-of-bounds read in rsvp_classify()
  • BZ - 2244720 - CVE-2023-45863 kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write
  • BZ - 2250043 - CVE-2023-6121 kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get
  • BZ - 2253632 - CVE-2023-6622 kernel: null pointer dereference vulnerability in nft_dynset_init()
  • BZ - 2254961 - CVE-2023-24023 kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses
  • BZ - 2254982 - CVE-2023-6915 kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c
  • BZ - 2255283 - CVE-2023-6932 kernel: use-after-free in IPv4 IGMP
  • BZ - 2256490 - CVE-2024-0841 kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function
  • BZ - 2256822 - CVE-2023-51779 kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg
  • BZ - 2257682 - CVE-2023-51780 kernel: use-after-free in net/atm/ioctl.c
  • BZ - 2257979 - CVE-2023-52340 kernel: ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU
  • BZ - 2265285 - CVE-2023-52434 kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
  • BZ - 2265653 - CVE-2023-52448 kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
  • BZ - 2267695 - CVE-2024-26602 kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier
  • BZ - 2267750 - CVE-2023-52574 kernel: team: NULL pointer dereference when team device type is changed
  • BZ - 2267760 - CVE-2023-52580 kernel: net/core: kernel crash in ETH_P_1588 flow dissector
  • BZ - 2267761 - CVE-2023-52581 kernel: netfilter: nf_tables: memory leak when more than 255 elements expired
  • BZ - 2269189 - CVE-2023-52489 kernel: mm/sparsemem: fix race in accessing memory_section->usage
  • BZ - 2269217 - CVE-2024-26609 kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  • BZ - 2270836 - CVE-2024-25742 CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit
  • BZ - 2270883 - CVE-2023-52620 kernel: netfilter: nf_tables: disallow timeout for anonymous sets
  • BZ - 2272811 - CVE-2024-26671 kernel: blk-mq: fix IO hang from sbitmap wakeup race

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-553.rt7.342.el8_10.src.rpm SHA-256: 7e464d5f495abe03121fa678a33b2fb6395c864f92d058fbfbaba2e37474f1a0
x86_64
kernel-rt-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: b8a849ae518046eb3ecda1cf390b0fb2209b75c212e368d65bfda01105c5b2c2
kernel-rt-core-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: a2c982aec9e27cd12913d21f84297f28115f4f1d7cf0d8f2562259a53c3362c7
kernel-rt-debug-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 965db4830f3165eaf6b279937c033425dab3cd96aaec3c5c8913fbf2c227ee61
kernel-rt-debug-core-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: a95e4bb4d7c15d366b16c254c2eb9721c57bdbb2bfb04db108d1de7818817b57
kernel-rt-debug-debuginfo-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: fd05fdb323a3b3d10a1a01dc30bec6aef5b2f6e31efe236f725056425feb955f
kernel-rt-debug-devel-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 583c688a0b02dc3352a1fe4628a384d8c37a2b937ffe512bb72dfa0b675c738a
kernel-rt-debug-modules-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 05578753fc14d5a0fe040b71066d84eed05c29eba33a879dd3d99a430c933879
kernel-rt-debug-modules-extra-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: ce69f8b8521552562280ec998afe7015b9a35ddb52ea4106dc36fad7df271f6f
kernel-rt-debuginfo-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 39d3b88b6d6fe80c3d92dee33a29291555a6619e669c35f665fe6c2939b12e2b
kernel-rt-debuginfo-common-x86_64-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 14a79d8999436ae67489d7ca19203e75a2def5dda61a007d6707860fc8cb080a
kernel-rt-devel-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 9c89688439151d5b7db738633f4079e59ec2b12526ffba734f69eed8d28bfe32
kernel-rt-modules-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: c22c84cf93a11ba1087628c95077c5a6576b1d3fdb0c0b0aa3c60be478aa8a84
kernel-rt-modules-extra-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 033b6d3698a39ec9b4b9ed7e763b5272e6222e76bd729f2646c99efe1bd62465

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-553.rt7.342.el8_10.src.rpm SHA-256: 7e464d5f495abe03121fa678a33b2fb6395c864f92d058fbfbaba2e37474f1a0
x86_64
kernel-rt-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: b8a849ae518046eb3ecda1cf390b0fb2209b75c212e368d65bfda01105c5b2c2
kernel-rt-core-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: a2c982aec9e27cd12913d21f84297f28115f4f1d7cf0d8f2562259a53c3362c7
kernel-rt-debug-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 965db4830f3165eaf6b279937c033425dab3cd96aaec3c5c8913fbf2c227ee61
kernel-rt-debug-core-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: a95e4bb4d7c15d366b16c254c2eb9721c57bdbb2bfb04db108d1de7818817b57
kernel-rt-debug-debuginfo-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: fd05fdb323a3b3d10a1a01dc30bec6aef5b2f6e31efe236f725056425feb955f
kernel-rt-debug-devel-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 583c688a0b02dc3352a1fe4628a384d8c37a2b937ffe512bb72dfa0b675c738a
kernel-rt-debug-kvm-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: a672cebd3d302c65c425c76ea4ddcde6e05978009f058d16c8ddcba183285885
kernel-rt-debug-modules-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 05578753fc14d5a0fe040b71066d84eed05c29eba33a879dd3d99a430c933879
kernel-rt-debug-modules-extra-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: ce69f8b8521552562280ec998afe7015b9a35ddb52ea4106dc36fad7df271f6f
kernel-rt-debuginfo-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 39d3b88b6d6fe80c3d92dee33a29291555a6619e669c35f665fe6c2939b12e2b
kernel-rt-debuginfo-common-x86_64-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 14a79d8999436ae67489d7ca19203e75a2def5dda61a007d6707860fc8cb080a
kernel-rt-devel-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 9c89688439151d5b7db738633f4079e59ec2b12526ffba734f69eed8d28bfe32
kernel-rt-kvm-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 72fe33abf8ed63468a3aa2a526a33477663453391f9bd9f1749885349a939415
kernel-rt-modules-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: c22c84cf93a11ba1087628c95077c5a6576b1d3fdb0c0b0aa3c60be478aa8a84
kernel-rt-modules-extra-4.18.0-553.rt7.342.el8_10.x86_64.rpm SHA-256: 033b6d3698a39ec9b4b9ed7e763b5272e6222e76bd729f2646c99efe1bd62465

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.