Red Hat Product Errata RHSA-2024:8158 - Security Advisory
Issued:
2024-10-16
Updated:
2024-10-16

RHSA-2024:8158 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)
  • kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)
  • kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)
  • kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)
  • kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)
  • kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)
  • kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)
  • kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)
  • kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64

Fixes

  • BZ - 2270700 - CVE-2023-28746 kernel: Local information disclosure on Intel(R) Atom(R) processors
  • BZ - 2282355 - CVE-2021-47385 kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field
  • BZ - 2293654 - CVE-2024-36244 kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too
  • BZ - 2296067 - CVE-2024-39472 kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup
  • BZ - 2300430 - CVE-2024-41056 kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
  • BZ - 2300442 - CVE-2024-41066 kernel: ibmvnic: Add tx check to prevent skb leak
  • BZ - 2300552 - CVE-2024-42090 kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER

Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2

SRPM
kernel-rt-5.14.0-284.88.1.rt14.373.el9_2.src.rpm SHA-256: 6ded3b585af9219c79a076021720d8185a30312b5ab37055fbe699f9d10ba4f1
x86_64
kernel-rt-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 2edcf8c9934b23ab36a2792c44b7660eb85910c8cd264bb1a80d2ee99e4b8dd8
kernel-rt-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 0413f1de7114f593b0c17d2aa4c8fb68a9da7a154445a01042f8c4f9f7ed88b7
kernel-rt-debug-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 5a56cc4f5e042a50b3744c00ad08c46a596cbac4c40977cd555d08978112fab9
kernel-rt-debug-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 3ae3e9504ac76221dfcd13d0df87aad4d2144b49267991a9186745f39966f174
kernel-rt-debug-debuginfo-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 1dccdd2eda3a53aad8bd22f8ab93659ca3daedb7affd1c54de937ca6822ce363
kernel-rt-debug-devel-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 9d38ff0c03f3b688cfca7cd91a10644c0bf95cda1dc5989f159d06af148be669
kernel-rt-debug-modules-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 84fc9306a48bcb1f5ece3cc1c5cf5b2b92398ed4320e6f625e4508e52e51d7ba
kernel-rt-debug-modules-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: bd5bf034fd8f914c878f031e200ce895a817b92d3e1cb23e3825638be648166f
kernel-rt-debug-modules-extra-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 0ef459dc6a6059c3d03d9110e1b49be4698e6fb1250d4ad84b74ae71d0193b7c
kernel-rt-debuginfo-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: ff3e5f0a164a9c12d16b576d4beeb1656e797a5af5ec0f0b6f0b77d9136c9641
kernel-rt-debuginfo-common-x86_64-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: f8a5209c88f96bd722c06ab340dac7b2641f4be8927313d97a30c7b90dcd2ce4
kernel-rt-devel-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: dc207519d5843970dddfb542a8abd4dffdc2a40c0c25443d5c82de72d206d618
kernel-rt-modules-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 67fd39691fd2d1e6b6f5e4fb2a40e1bd90b7545bda8a6c85b9bd2e963755a3f3
kernel-rt-modules-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: e5ff1f229b197377fa49ae4170fa4cdf49af53e25c436c219256b71520d045c1
kernel-rt-modules-extra-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: fad7dc68614c06b0e00725f8bdf4c050dfcd97e93091d068a4c636ca2fd91df0

Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2

SRPM
kernel-rt-5.14.0-284.88.1.rt14.373.el9_2.src.rpm SHA-256: 6ded3b585af9219c79a076021720d8185a30312b5ab37055fbe699f9d10ba4f1
x86_64
kernel-rt-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 2edcf8c9934b23ab36a2792c44b7660eb85910c8cd264bb1a80d2ee99e4b8dd8
kernel-rt-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 0413f1de7114f593b0c17d2aa4c8fb68a9da7a154445a01042f8c4f9f7ed88b7
kernel-rt-debug-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 5a56cc4f5e042a50b3744c00ad08c46a596cbac4c40977cd555d08978112fab9
kernel-rt-debug-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 3ae3e9504ac76221dfcd13d0df87aad4d2144b49267991a9186745f39966f174
kernel-rt-debug-debuginfo-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 1dccdd2eda3a53aad8bd22f8ab93659ca3daedb7affd1c54de937ca6822ce363
kernel-rt-debug-devel-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 9d38ff0c03f3b688cfca7cd91a10644c0bf95cda1dc5989f159d06af148be669
kernel-rt-debug-kvm-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 866b1b0fad7f9a5a2f2d8ee10877778b5e1e1d39601be4709eb3385e07e2eba6
kernel-rt-debug-modules-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 84fc9306a48bcb1f5ece3cc1c5cf5b2b92398ed4320e6f625e4508e52e51d7ba
kernel-rt-debug-modules-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: bd5bf034fd8f914c878f031e200ce895a817b92d3e1cb23e3825638be648166f
kernel-rt-debug-modules-extra-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 0ef459dc6a6059c3d03d9110e1b49be4698e6fb1250d4ad84b74ae71d0193b7c
kernel-rt-debuginfo-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: ff3e5f0a164a9c12d16b576d4beeb1656e797a5af5ec0f0b6f0b77d9136c9641
kernel-rt-debuginfo-common-x86_64-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: f8a5209c88f96bd722c06ab340dac7b2641f4be8927313d97a30c7b90dcd2ce4
kernel-rt-devel-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: dc207519d5843970dddfb542a8abd4dffdc2a40c0c25443d5c82de72d206d618
kernel-rt-kvm-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: a2c8ecf72ac464060eac1aa71dc4a3bde6f6319cb0cf01fb7e94a30538c5e716
kernel-rt-modules-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: 67fd39691fd2d1e6b6f5e4fb2a40e1bd90b7545bda8a6c85b9bd2e963755a3f3
kernel-rt-modules-core-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: e5ff1f229b197377fa49ae4170fa4cdf49af53e25c436c219256b71520d045c1
kernel-rt-modules-extra-5.14.0-284.88.1.rt14.373.el9_2.x86_64.rpm SHA-256: fad7dc68614c06b0e00725f8bdf4c050dfcd97e93091d068a4c636ca2fd91df0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.