Red Hat Product Errata RHSA-2024:6745 - Security Advisory
Issued:
2024-09-18
Updated:
2024-09-18

RHSA-2024:6745 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886)
  • kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)
  • kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (CVE-2023-52880)
  • kernel: cpufreq: exit() callback is optional (CVE-2024-38615)
  • kernel: cppc_cpufreq: Fix possible null pointer dereference (CVE-2024-38573)
  • kernel: scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)
  • kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)
  • kernel: sched/deadline: Fix task_struct reference leak (CVE-2024-41023)
  • kernel: mm/filemap: skip to create PMD-sized page cache if needed (CVE-2024-41031)
  • kernel: mm/shmem: disable PMD-sized page cache if needed (CVE-2024-42241)
  • kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (CVE-2024-42243)
  • kernel: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (CVE-2024-42246)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64

Fixes

  • BZ - 2275678 - CVE-2024-26886 kernel: Bluetooth: af_bluetooth: Fix deadlock
  • BZ - 2278354 - CVE-2024-26974 kernel: crypto: qat - resolve race condition during AER recovery
  • BZ - 2283468 - CVE-2023-52880 kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
  • BZ - 2293348 - CVE-2024-38615 kernel: cpufreq: exit() callback is optional
  • BZ - 2293420 - CVE-2024-38573 kernel: cppc_cpufreq: Fix possible null pointer dereference
  • BZ - 2293440 - CVE-2024-38559 kernel: scsi: qedf: Ensure the copied buf is NUL terminated
  • BZ - 2297568 - CVE-2024-40984 kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
  • BZ - 2300381 - CVE-2024-41023 kernel: sched/deadline: Fix task_struct reference leak
  • BZ - 2300395 - CVE-2024-41031 kernel: mm/filemap: skip to create PMD-sized page cache if needed

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
kernel-rt-5.14.0-284.84.1.rt14.369.el9_2.src.rpm SHA-256: 889795725f9a2c8947219cf81f928fb039683d8b200309f7ed647611295c35f2
x86_64
kernel-rt-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 2edfb4dac081f8ec4370ee8f155e1a4649c16438a6533526de1856991e3b8a36
kernel-rt-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 2edfb4dac081f8ec4370ee8f155e1a4649c16438a6533526de1856991e3b8a36
kernel-rt-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 1eec72810ac4729ea31e05898bf869fcfd8ea983563578926f16ede99818c4cb
kernel-rt-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 1eec72810ac4729ea31e05898bf869fcfd8ea983563578926f16ede99818c4cb
kernel-rt-debug-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: f642346501235170b84de1fd27c08af6de9892321780477f3fa67e119bfa8a10
kernel-rt-debug-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: f642346501235170b84de1fd27c08af6de9892321780477f3fa67e119bfa8a10
kernel-rt-debug-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: bb2ef2e93b158db9f7f6a4177f4dad6bb250174bec5178394b02a41827f5e1a8
kernel-rt-debug-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: bb2ef2e93b158db9f7f6a4177f4dad6bb250174bec5178394b02a41827f5e1a8
kernel-rt-debug-debuginfo-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 61eeb6d703944c138246bfe313200c510af7236efbed92cff7083e06d7bec021
kernel-rt-debug-debuginfo-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 61eeb6d703944c138246bfe313200c510af7236efbed92cff7083e06d7bec021
kernel-rt-debug-devel-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 0e63bdad58d55767acbdf8fce91bdefb9e545efa6e6296903aff4cf1dab9e4f2
kernel-rt-debug-devel-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 0e63bdad58d55767acbdf8fce91bdefb9e545efa6e6296903aff4cf1dab9e4f2
kernel-rt-debug-kvm-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: d51e8a1896eaccaa0dd5f73b86f68a505edfacea648320992607fecf897ab536
kernel-rt-debug-modules-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 8375835de271d60998d044c275fa2b070e9a78d17b8e46e8defcaedd32189cf9
kernel-rt-debug-modules-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 8375835de271d60998d044c275fa2b070e9a78d17b8e46e8defcaedd32189cf9
kernel-rt-debug-modules-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 235f68a337021665ace348e7b5c0cfeb28df98a1f83f071b163aace18670848e
kernel-rt-debug-modules-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 235f68a337021665ace348e7b5c0cfeb28df98a1f83f071b163aace18670848e
kernel-rt-debug-modules-extra-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 191b0d9d2d8ca240313c186c5ff5bff0af84bb3f73eddf17aeb1961dd8929530
kernel-rt-debug-modules-extra-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 191b0d9d2d8ca240313c186c5ff5bff0af84bb3f73eddf17aeb1961dd8929530
kernel-rt-debuginfo-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: f75697fe72088b2bfc1a5ba517c1bbffbb290d9411ee5d3fc92e519371bff277
kernel-rt-debuginfo-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: f75697fe72088b2bfc1a5ba517c1bbffbb290d9411ee5d3fc92e519371bff277
kernel-rt-debuginfo-common-x86_64-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 586f3c12785f9b7e7c41b45da8666b250574d2659cc9e00fd0a4b1ff715a5ff6
kernel-rt-debuginfo-common-x86_64-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 586f3c12785f9b7e7c41b45da8666b250574d2659cc9e00fd0a4b1ff715a5ff6
kernel-rt-devel-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 6c9ab830f9710b3043f2c2091d38ffc2a7e21aa3d357b95d45317608580d298e
kernel-rt-devel-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 6c9ab830f9710b3043f2c2091d38ffc2a7e21aa3d357b95d45317608580d298e
kernel-rt-kvm-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 058b642eb91097ddef11343adc6ed88239219c30acbce7a582271d9ce34b0673
kernel-rt-modules-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 20464d51438867f5819babdb6a3f035308ce1d79ffe949ec2813ab563d288d08
kernel-rt-modules-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 20464d51438867f5819babdb6a3f035308ce1d79ffe949ec2813ab563d288d08
kernel-rt-modules-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 78adea5e8f66e66b4fa9e065950c888530b0ad4a13112458dada37df00243b90
kernel-rt-modules-core-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: 78adea5e8f66e66b4fa9e065950c888530b0ad4a13112458dada37df00243b90
kernel-rt-modules-extra-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: fc8d73c437981eda7163b359b5b393cf3433ff956f2b9d2bc4a7b5f7cf9649f7
kernel-rt-modules-extra-5.14.0-284.84.1.rt14.369.el9_2.x86_64.rpm SHA-256: fc8d73c437981eda7163b359b5b393cf3433ff956f2b9d2bc4a7b5f7cf9649f7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.