Red Hat Product Errata RHSA-2024:6992 - Security Advisory
Issued:
2024-09-24
Updated:
2024-09-24

RHSA-2024:6992 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)
  • kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)
  • kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)
  • kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (CVE-2022-48829)
  • kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
  • kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
  • kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

  • BZ - 2275744 - CVE-2024-26908 kernel: x86/xen: Add some null pointer checking to smp.c
  • BZ - 2298135 - CVE-2022-48799 kernel: perf: Fix list corruption in perf_cgroup_switch()
  • BZ - 2298167 - CVE-2022-48828 kernel: NFSD: Fix ia_size underflow
  • BZ - 2298168 - CVE-2022-48829 kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
  • BZ - 2299240 - CVE-2024-41090 kernel: virtio-net: tap: mlx5_core short frame denial of service
  • BZ - 2299336 - CVE-2024-41091 kernel: virtio-net: tun: mlx5_core short frame denial of service
  • BZ - 2300448 - CVE-2024-41071 kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
kernel-4.18.0-193.141.1.el8_2.src.rpm SHA-256: 04229bb49c39dcf17a333a8ca0de57ca7b33178009ad02bc77f90906f6a7f1d2
x86_64
bpftool-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 39f783cdf647521684eff0fc06fe2129ce552241034c85c047a999386cec69a9
bpftool-debuginfo-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 4905e2886920be227d6b0f6afc4cf0e5cf4bc5b4edda3f443589cfb15413b35a
kernel-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 8b0a063c6c08fcc0213b852ac09f4f19cd4810c12082a73d2524ab72a4fe3fba
kernel-abi-whitelists-4.18.0-193.141.1.el8_2.noarch.rpm SHA-256: db70ace79c223ae8e0862377aa2836e5d17df028afbd940ffec2e65ebc7c03a8
kernel-core-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 4e17c6cc04cba27c755581ebe12273a88229f5cd2d22512d329878d11f63852d
kernel-cross-headers-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 86d4b9d319ad1306e149d9b7740491d1f63b180e03cfcd238b6f87d9cdc36a71
kernel-debug-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 583de6fdb822ad3b37915ad0cf46d22b98a6ddb1d782e5e7ad5e27e30e47dd2c
kernel-debug-core-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: a558e7e4bfffe97add71521ba78e6b5dad10fb31d6f9733642e2842166c71529
kernel-debug-debuginfo-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: bf98b186a908d9f58d443363bffe583272e67bd80c7f415668589b7ce5ab4c49
kernel-debug-devel-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 380c712d9d9b9b046a12cb072f4702370df594acd0b4fdd12b9128cddcddb393
kernel-debug-modules-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 5f6558651844e1c8e80d7b1ad9f4b3ae6cfe6b29a3863bce672cdc7e5fbbde29
kernel-debug-modules-extra-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 5a8dcd07d386d447d65e4ed1b08f3449691b0abb113a392c7506c2cd218b0e85
kernel-debuginfo-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: b2c14320dace15011484a8237e7cac416ea6ef7067dfb1cde5718642ce2813b6
kernel-debuginfo-common-x86_64-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: fb1f04ce8934881ab6be42c5f10a038e6ee6353028bf685a5fbeab3d9b19ae78
kernel-devel-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: e8a9cd67b41dde725219de81dcf232280e30b4b384d491cb3d26fade07e206f6
kernel-doc-4.18.0-193.141.1.el8_2.noarch.rpm SHA-256: e61c5ce5dcb124c7b2af8bbda9f3ac4a0a8593266176f41e56a3392001caec87
kernel-headers-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 8c486fa3e3cd9956bee8ae8e6cab074a41787a1864e1fe85945de65833d3755c
kernel-modules-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: d0e03ed21f7c4d75c47172415795b6f38a0e9cef22b822979c74ee8c8fb44832
kernel-modules-extra-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 4c07a8dc38a624ced988df2a0b9d6e4a344338f7058f10931423da58951c10e2
kernel-tools-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: dbc0d4c51c7cd1ca227045f3c53ef64efe80afd7bf5b6b40a58f62dca676c4f9
kernel-tools-debuginfo-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 421cdb51b2f26f82e326aca0cdfca33f186a9386f34bbc4cb509a73fd7bf94a9
kernel-tools-libs-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 28e770cedf3afe07159fef2757a9e0acbe3955c4095d0c2a22e9d0274409aaad
perf-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 6678f38ec6c0600ec42c17ca9f10083a6797121f3dfa7dac81095dbed1da2b56
perf-debuginfo-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 3d572f5e4cea3cfcd6874ec56c85a76bd8047d31c56828a3ceafeabe4a8bbaca
python3-perf-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: 21dfb30cc5fff2b589cc52a61f733a424ee30af2d5e61d4fde329763daea6f22
python3-perf-debuginfo-4.18.0-193.141.1.el8_2.x86_64.rpm SHA-256: deeff50449162a48899bf6a07bbe27e499a3dcb73ea35f2642c8e07229aebc3d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.