Red Hat Product Errata RHSA-2024:7003 - Security Advisory
Issued:
2024-09-24
Updated:
2024-09-24

RHSA-2024:7003 - Security Advisory

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
  • kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)
  • kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64

Fixes

  • BZ - 2277238 - CVE-2024-36886 kernel: TIPC message reassembly use-after-free remote code execution vulnerability
  • BZ - 2278314 - CVE-2024-26993 kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()
  • BZ - 2300448 - CVE-2024-41071 kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing

Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4

SRPM
kernel-rt-4.18.0-305.141.1.rt7.217.el8_4.src.rpm SHA-256: b410e46e3852604126ab4f6a5a18b953a0c4b551dd7ea876a3a8531d4777face
x86_64
kernel-rt-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 5ac092875a4374c430c3bf20455702f80cec176426d605d5e9d39222d2f67e50
kernel-rt-core-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 4ff949227073b5bbd8ed6823de2db0688eb739a7a4b19cc65c5c3057f19f6f9c
kernel-rt-debug-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 66fcdf6ef276febfa89c0281620a652232ca7b8094a61539bfd22f4a351ea0f5
kernel-rt-debug-core-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 2e6ed71b431bc643fd88ffa5adad599579759b75529f6afebbc7ba3531c0b48f
kernel-rt-debug-debuginfo-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 81b87701aa375a1ab347a479c94890f9d4ea9130d145dad078cdff0463e316b4
kernel-rt-debug-devel-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 620f0b98398d90aa65211bdcc5846d24a16b7cfffed1fbb5765b870e4fd8bc86
kernel-rt-debug-modules-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 9fcec97f9eed7d5a5348602e711665d25fa683c2a7b99192a8b50395b8af7788
kernel-rt-debug-modules-extra-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: c82503b86ad69c52f805c0c9833e714e61412d2d1b5486c4195d730d39067514
kernel-rt-debuginfo-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 8373ac3a6be4d6e02c6cf5a3dd7c19c088a06ee9d636bd5752cafa09806bf569
kernel-rt-debuginfo-common-x86_64-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: f927aa9b2e95735c41bb694c64d4b481905a371f61125e8fb90a8834d6918460
kernel-rt-devel-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 4c2f99629a7678c25021b20363e08d10ecf97c5395d736c0da7923c6ec5c4652
kernel-rt-modules-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 6647c257df38ea72fe9a679441eb44458506224469843a21887bd2257c5471b8
kernel-rt-modules-extra-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 2fbd4a0b26b8fcca76152139cc8834430060da24a27ae9cc2f6c2271fac644ba

Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4

SRPM
kernel-rt-4.18.0-305.141.1.rt7.217.el8_4.src.rpm SHA-256: b410e46e3852604126ab4f6a5a18b953a0c4b551dd7ea876a3a8531d4777face
x86_64
kernel-rt-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 5ac092875a4374c430c3bf20455702f80cec176426d605d5e9d39222d2f67e50
kernel-rt-core-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 4ff949227073b5bbd8ed6823de2db0688eb739a7a4b19cc65c5c3057f19f6f9c
kernel-rt-debug-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 66fcdf6ef276febfa89c0281620a652232ca7b8094a61539bfd22f4a351ea0f5
kernel-rt-debug-core-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 2e6ed71b431bc643fd88ffa5adad599579759b75529f6afebbc7ba3531c0b48f
kernel-rt-debug-debuginfo-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 81b87701aa375a1ab347a479c94890f9d4ea9130d145dad078cdff0463e316b4
kernel-rt-debug-devel-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 620f0b98398d90aa65211bdcc5846d24a16b7cfffed1fbb5765b870e4fd8bc86
kernel-rt-debug-kvm-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 6f7aeeeaafecdf71b1c8db5c77494a11933c1ee213d3be7c0236a5b26fcbecdb
kernel-rt-debug-modules-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 9fcec97f9eed7d5a5348602e711665d25fa683c2a7b99192a8b50395b8af7788
kernel-rt-debug-modules-extra-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: c82503b86ad69c52f805c0c9833e714e61412d2d1b5486c4195d730d39067514
kernel-rt-debuginfo-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 8373ac3a6be4d6e02c6cf5a3dd7c19c088a06ee9d636bd5752cafa09806bf569
kernel-rt-debuginfo-common-x86_64-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: f927aa9b2e95735c41bb694c64d4b481905a371f61125e8fb90a8834d6918460
kernel-rt-devel-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 4c2f99629a7678c25021b20363e08d10ecf97c5395d736c0da7923c6ec5c4652
kernel-rt-kvm-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: a440cae00fe78ff3692ac52a55194061a89b63f991b42453c03b95b4bd5eabde
kernel-rt-modules-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 6647c257df38ea72fe9a679441eb44458506224469843a21887bd2257c5471b8
kernel-rt-modules-extra-4.18.0-305.141.1.rt7.217.el8_4.x86_64.rpm SHA-256: 2fbd4a0b26b8fcca76152139cc8834430060da24a27ae9cc2f6c2271fac644ba

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.