Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:4412 - Security Advisory
Issued:
2024-07-09
Updated:
2024-07-09

RHSA-2024:4412 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation (CVE-2024-0193)
  • kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
  • kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (CVE-2024-26673)

Bug Fix(es):

  • kernel-rt: update RT source tree to the latest RHEL-9.0.z Batch 18 (JIRA:RHEL-36756)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

Fixes

  • BZ - 2255653 - CVE-2024-0193 kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation
  • BZ - 2265285 - CVE-2023-52434 kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
  • BZ - 2272816 - CVE-2024-26673 kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

CVEs

  • CVE-2023-52434
  • CVE-2024-0193
  • CVE-2024-26673

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
kernel-rt-5.14.0-70.105.1.rt21.177.el9_0.src.rpm SHA-256: 5277aa48ee85ea7a0fda76695fa87d041e53a95519cfb20b1b52f74af264f84d
x86_64
kernel-rt-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: a9a3a97791b4262e0b6f96e23407ad99d3af75d536d0668f218e5c1760a1b902
kernel-rt-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: a9a3a97791b4262e0b6f96e23407ad99d3af75d536d0668f218e5c1760a1b902
kernel-rt-core-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 45b0d19c5b350cfafd708752b1989dc11e62051bfa9a46b166c06b54b3924660
kernel-rt-core-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 45b0d19c5b350cfafd708752b1989dc11e62051bfa9a46b166c06b54b3924660
kernel-rt-debug-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 40ddb47ca954191746fd6af67027265cb2d6201a89473ccd24459c869082b26d
kernel-rt-debug-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 40ddb47ca954191746fd6af67027265cb2d6201a89473ccd24459c869082b26d
kernel-rt-debug-core-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 003e6f9310fd404f7474778c8e5841a7d240c6d7168c49bc8dd1190b1b7ee77b
kernel-rt-debug-core-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 003e6f9310fd404f7474778c8e5841a7d240c6d7168c49bc8dd1190b1b7ee77b
kernel-rt-debug-debuginfo-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 59ff348a485285155b5d920fe4c5f9bbf5f33fffa1b2e74995adbdb8e4274e32
kernel-rt-debug-debuginfo-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 59ff348a485285155b5d920fe4c5f9bbf5f33fffa1b2e74995adbdb8e4274e32
kernel-rt-debug-devel-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 0a62b81569794066c93b3687aee8e2416caa77075542bef777c7ed5597087901
kernel-rt-debug-devel-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 0a62b81569794066c93b3687aee8e2416caa77075542bef777c7ed5597087901
kernel-rt-debug-kvm-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 85ee63fb7763a0788eb71e982ed9536ce18a641d4290946497da5d363ae36adb
kernel-rt-debug-modules-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: ab84cb19ad57b9c86a6e614b90eb0a63355986f30f121e3508a3cbd96b316570
kernel-rt-debug-modules-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: ab84cb19ad57b9c86a6e614b90eb0a63355986f30f121e3508a3cbd96b316570
kernel-rt-debug-modules-extra-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 75bb56fad5578d37cc8b445d17f02c9c11950e860f7f7899907c18811ccb1f23
kernel-rt-debug-modules-extra-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 75bb56fad5578d37cc8b445d17f02c9c11950e860f7f7899907c18811ccb1f23
kernel-rt-debuginfo-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 24ee093cf470dcafe12f01c3e50c16fa7cda7b0b36ffff4734d75a9a98091cea
kernel-rt-debuginfo-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 24ee093cf470dcafe12f01c3e50c16fa7cda7b0b36ffff4734d75a9a98091cea
kernel-rt-debuginfo-common-x86_64-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 40839cfb1bb79ac67ad590d6892d63da53ffd94c6b94827b624615a62399fb44
kernel-rt-debuginfo-common-x86_64-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 40839cfb1bb79ac67ad590d6892d63da53ffd94c6b94827b624615a62399fb44
kernel-rt-devel-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: dcc3e948ee7b0b749dff26a5d1e36074dc82c1c4f581ee4a4afe1e935b73d108
kernel-rt-devel-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: dcc3e948ee7b0b749dff26a5d1e36074dc82c1c4f581ee4a4afe1e935b73d108
kernel-rt-kvm-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 4ba1d18c4770ba93c9c873278331aa29fcea918cc017ab67293b593c51afd767
kernel-rt-modules-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: a37d73db380fafbd7df4d54db938bea3817c275faf3adbad76c0ac2e8cee009b
kernel-rt-modules-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: a37d73db380fafbd7df4d54db938bea3817c275faf3adbad76c0ac2e8cee009b
kernel-rt-modules-extra-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 50504685089adaecdb88f7019c1fb2cb0a6c6c40b935e62c4647542fe58abd1f
kernel-rt-modules-extra-5.14.0-70.105.1.rt21.177.el9_0.x86_64.rpm SHA-256: 50504685089adaecdb88f7019c1fb2cb0a6c6c40b935e62c4647542fe58abd1f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility