Red Hat Product Errata RHSA-2024:4729 - Security Advisory
Issued:
2024-07-23
Updated:
2024-07-23

RHSA-2024:4729 - Security Advisory

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)
  • kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64

Fixes

  • BZ - 2255498 - CVE-2023-6546 kernel: GSM multiplexing race condition leads to privilege escalation
  • BZ - 2278989 - CVE-2024-21823 kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application

Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4

SRPM
kernel-rt-4.18.0-305.134.1.rt7.210.el8_4.src.rpm SHA-256: 0ffd084f0030286e9cf15905cc185acc3b63faa368dac423b38ba44fab3791d5
x86_64
kernel-rt-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: eab50b3008011bdf306b7665ec27c73f04c01cef8147c67a4dd3cb0cafc4ce87
kernel-rt-core-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: f7dd02c98c8541ec34cecf6265f83674255debe39a89762880c2c8c2ff2adc71
kernel-rt-debug-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 214f8a70bcee8d74f81beaab7b0a905f0ff879ae86c61c69e17e6d03a22d6089
kernel-rt-debug-core-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: e68db47e8d5c505ab671af8e3c836a5ca80b5e86bf7ef7d6c8b476fc3d0c9edd
kernel-rt-debug-debuginfo-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: ca73d2f28233a85ff73d4d31f3a4bcb00a3933dc533eafbe7c665b3a395cc150
kernel-rt-debug-devel-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: de9646eddd5db2a3b667d6052aa876bd0e711c5456636cf45cea06519ee60a42
kernel-rt-debug-modules-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 87779c1722fc1bfdf680d8c76f977a8809849e3117008c0b1b58120995183021
kernel-rt-debug-modules-extra-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 04e66dfff086fa3c806c9d0240d3bb7f82f8c516f871feeb4c1e17c4905903a8
kernel-rt-debuginfo-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: d62982b1950c4708a0c77618c0246399875e93e24873dbead52448db07df42f8
kernel-rt-debuginfo-common-x86_64-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 4e962f4ae8a4242b7f50267987abae463fd5b5ba1b0c306115d18bd9951e8fdf
kernel-rt-devel-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 03eeb03dabaffee7b27b287ebddb815b31fb870c656201c7a376cbdbd86c362c
kernel-rt-modules-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 0f700b7852f27177da935cdf353e8903b3f4d5fa104ff3db8af29163fc404017
kernel-rt-modules-extra-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 69e1ae22230e498d780b52c30342dfd7734a5f66a5d6c228b9e8284bdc42840e

Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4

SRPM
kernel-rt-4.18.0-305.134.1.rt7.210.el8_4.src.rpm SHA-256: 0ffd084f0030286e9cf15905cc185acc3b63faa368dac423b38ba44fab3791d5
x86_64
kernel-rt-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: eab50b3008011bdf306b7665ec27c73f04c01cef8147c67a4dd3cb0cafc4ce87
kernel-rt-core-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: f7dd02c98c8541ec34cecf6265f83674255debe39a89762880c2c8c2ff2adc71
kernel-rt-debug-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 214f8a70bcee8d74f81beaab7b0a905f0ff879ae86c61c69e17e6d03a22d6089
kernel-rt-debug-core-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: e68db47e8d5c505ab671af8e3c836a5ca80b5e86bf7ef7d6c8b476fc3d0c9edd
kernel-rt-debug-debuginfo-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: ca73d2f28233a85ff73d4d31f3a4bcb00a3933dc533eafbe7c665b3a395cc150
kernel-rt-debug-devel-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: de9646eddd5db2a3b667d6052aa876bd0e711c5456636cf45cea06519ee60a42
kernel-rt-debug-kvm-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 4a514ff344f3dd2b87321fd43bbcb2ea260959838f5e16945b4af26cbcc53155
kernel-rt-debug-modules-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 87779c1722fc1bfdf680d8c76f977a8809849e3117008c0b1b58120995183021
kernel-rt-debug-modules-extra-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 04e66dfff086fa3c806c9d0240d3bb7f82f8c516f871feeb4c1e17c4905903a8
kernel-rt-debuginfo-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: d62982b1950c4708a0c77618c0246399875e93e24873dbead52448db07df42f8
kernel-rt-debuginfo-common-x86_64-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 4e962f4ae8a4242b7f50267987abae463fd5b5ba1b0c306115d18bd9951e8fdf
kernel-rt-devel-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 03eeb03dabaffee7b27b287ebddb815b31fb870c656201c7a376cbdbd86c362c
kernel-rt-kvm-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: b5384275a73f46db2a6e277186971dac9a775ba0d86a3550adf1245acb1e9fd9
kernel-rt-modules-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 0f700b7852f27177da935cdf353e8903b3f4d5fa104ff3db8af29163fc404017
kernel-rt-modules-extra-4.18.0-305.134.1.rt7.210.el8_4.x86_64.rpm SHA-256: 69e1ae22230e498d780b52c30342dfd7734a5f66a5d6c228b9e8284bdc42840e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.