- Issued:
- 2024-11-05
- Updated:
- 2024-11-05
RHSA-2024:8870 - Security Advisory
Synopsis
Moderate: kernel-rt security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)
- kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)
- kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)
- kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
- kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)
- kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)
- kernel: nouveau: lock the client object tree. (CVE-2024-27062)
- kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)
- kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
- kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)
- kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
- kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
- kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)
- kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
- kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)
- kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)
- kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)
- kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
- kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)
- kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)
- kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
- kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)
- kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)
- kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)
- kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)
- kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)
- kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)
- kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)
- kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)
- kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)
- kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)
- kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)
- kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)
- kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)
- kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)
- kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)
- kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)
- kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)
- kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)
- kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)
- kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)
- kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
Fixes
- BZ - 2266247 - CVE-2024-24857 kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set()
- BZ - 2269183 - CVE-2023-52492 kernel: dmaengine: fix NULL pointer in channel unregistration function
- BZ - 2275750 - CVE-2024-26851 kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range
- BZ - 2277168 - CVE-2024-26924 kernel: netfilter: nft_set_pipapo: do not free live element
- BZ - 2278262 - CVE-2024-27017 kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump
- BZ - 2278350 - CVE-2024-26976 kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed
- BZ - 2278387 - CVE-2024-27062 kernel: nouveau: lock the client object tree.
- BZ - 2281284 - CVE-2024-35839 kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info
- BZ - 2281669 - CVE-2024-35898 kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
- BZ - 2281817 - CVE-2024-35939 kernel: dma-direct: Leak pages on dma_set_decrypted() failure
- BZ - 2293356 - CVE-2024-38608 kernel: net/mlx5e: Fix netif state handling
- BZ - 2293402 - CVE-2024-38586 kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets.
- BZ - 2293458 - CVE-2024-38541 kernel: of: module: add buffer overflow check in of_modalias()
- BZ - 2293459 - CVE-2024-38540 kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
- BZ - 2297475 - CVE-2024-39503 kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type
- BZ - 2297508 - CVE-2024-40924 kernel: drm/i915/dpt: Make DPT object unshrinkable
- BZ - 2297545 - CVE-2024-40961 kernel: ipv6: prevent possible NULL deref in fib6_nh_init()
- BZ - 2297567 - CVE-2024-40983 kernel: tipc: force a dst refcount before doing decryption
- BZ - 2297568 - CVE-2024-40984 kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
- BZ - 2298109 - CVE-2022-48773 kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
- BZ - 2298412 - CVE-2024-41009 kernel: bpf: Fix overrunning reservations in ringbuf
- BZ - 2300412 - CVE-2024-41042 kernel: netfilter: nf_tables: prefer nft_chain_validate
- BZ - 2300442 - CVE-2024-41066 kernel: ibmvnic: Add tx check to prevent skb leak
- BZ - 2300487 - CVE-2024-41092 kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers
- BZ - 2300488 - CVE-2024-41093 kernel: drm/amdgpu: avoid using null object of framebuffer
- BZ - 2300508 - CVE-2024-42070 kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- BZ - 2300517 - CVE-2024-42079 kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush
- BZ - 2307862 - CVE-2024-43889 kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper()
- BZ - 2307865 - CVE-2024-43892 kernel: memcg: protect concurrent access to mem_cgroup_idr
- BZ - 2307892 - CVE-2024-44935 kernel: sctp: Fix null-ptr-deref in reuseport_add_sock().
- BZ - 2309852 - CVE-2024-44989 kernel: bonding: fix xfrm real_dev null pointer dereference
- BZ - 2309853 - CVE-2024-44990 kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok
- BZ - 2311715 - CVE-2024-45018 kernel: netfilter: flowtable: initialise extack before use
- BZ - 2315178 - CVE-2024-46826 kernel: ELF: fix kernel.randomize_va_space double read
- BZ - 2317601 - CVE-2024-47668 kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
CVEs
- CVE-2022-48773
- CVE-2022-48936
- CVE-2023-52492
- CVE-2024-24857
- CVE-2024-26851
- CVE-2024-26924
- CVE-2024-26976
- CVE-2024-27017
- CVE-2024-27062
- CVE-2024-35839
- CVE-2024-35898
- CVE-2024-35939
- CVE-2024-38540
- CVE-2024-38541
- CVE-2024-38586
- CVE-2024-38608
- CVE-2024-39503
- CVE-2024-40924
- CVE-2024-40961
- CVE-2024-40983
- CVE-2024-40984
- CVE-2024-41009
- CVE-2024-41042
- CVE-2024-41066
- CVE-2024-41092
- CVE-2024-41093
- CVE-2024-42070
- CVE-2024-42079
- CVE-2024-42244
- CVE-2024-42284
- CVE-2024-42292
- CVE-2024-42301
- CVE-2024-43854
- CVE-2024-43880
- CVE-2024-43889
- CVE-2024-43892
- CVE-2024-44935
- CVE-2024-44989
- CVE-2024-44990
- CVE-2024-45018
- CVE-2024-46826
- CVE-2024-47668
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-553.27.1.rt7.368.el8_10.src.rpm | SHA-256: 9762fe6d32ca1eefa462ca9478ce94ee7bb2c99143fbf87bec2ed4291316cd65 |
| x86_64 | |
| kernel-rt-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: a9c04de733523f25d17142918997f25f423c568b1c146fb618eb73b1aec87dd3 |
| kernel-rt-core-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 68545b9e1444d31ae72c029b375098d6d68a557b81ebc7531b3d35f360d362cb |
| kernel-rt-debug-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 69ae1da403c7d234911072584833f859620fb6344b0104f26a0673dadb1dd968 |
| kernel-rt-debug-core-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: b8281c1b82e443447132e07907490827a99984c8ea7a61638b9746ce79b9cfde |
| kernel-rt-debug-debuginfo-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 256b68097b5b72d9b4bdf08e96cf328cfe979bceddb241e45f2fd0f6a6a83478 |
| kernel-rt-debug-devel-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 888b1b9a99a8986a450f2f918dd082be92a9ccfa09b6e73c704822469c6e3bc2 |
| kernel-rt-debug-modules-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 69c9f7768abea12f15a275f9fbf0d9b7fa13e04697366f0e5c53fa6ec775ac8b |
| kernel-rt-debug-modules-extra-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: d5981ecae75fa3e516eba2b2ede51c9fce4712e67e017bb041e174ed8df6d6d2 |
| kernel-rt-debuginfo-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 9874c5f8cb65ead0a68cc1ddd039b5dc247c7ebc03d8666d844faa381aad1314 |
| kernel-rt-debuginfo-common-x86_64-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: d7cdbdec5c02cfe47238fbfa6959dec148b7d4efc8e46f598614c53538f093e5 |
| kernel-rt-devel-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: bf66d8dcbefb306fb15b5e109f36ff3482cd49693bfc91db786d9fd42355c06d |
| kernel-rt-modules-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: ada8a42e2e1ea31e91cd0d0b6df766ba1fca72f2d09ef815ad9f438f6254e490 |
| kernel-rt-modules-extra-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 1d1f01d791e72f9dd4f0bc054fae4e28f9374c3715bd911f673b900d4caf5b13 |
Red Hat Enterprise Linux for Real Time for NFV 8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-553.27.1.rt7.368.el8_10.src.rpm | SHA-256: 9762fe6d32ca1eefa462ca9478ce94ee7bb2c99143fbf87bec2ed4291316cd65 |
| x86_64 | |
| kernel-rt-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: a9c04de733523f25d17142918997f25f423c568b1c146fb618eb73b1aec87dd3 |
| kernel-rt-core-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 68545b9e1444d31ae72c029b375098d6d68a557b81ebc7531b3d35f360d362cb |
| kernel-rt-debug-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 69ae1da403c7d234911072584833f859620fb6344b0104f26a0673dadb1dd968 |
| kernel-rt-debug-core-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: b8281c1b82e443447132e07907490827a99984c8ea7a61638b9746ce79b9cfde |
| kernel-rt-debug-debuginfo-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 256b68097b5b72d9b4bdf08e96cf328cfe979bceddb241e45f2fd0f6a6a83478 |
| kernel-rt-debug-devel-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 888b1b9a99a8986a450f2f918dd082be92a9ccfa09b6e73c704822469c6e3bc2 |
| kernel-rt-debug-kvm-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 12c1d4a7c574f4e78e192b301a55688d0d685c0dfc35bfe19293a1edd8a63c68 |
| kernel-rt-debug-modules-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 69c9f7768abea12f15a275f9fbf0d9b7fa13e04697366f0e5c53fa6ec775ac8b |
| kernel-rt-debug-modules-extra-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: d5981ecae75fa3e516eba2b2ede51c9fce4712e67e017bb041e174ed8df6d6d2 |
| kernel-rt-debuginfo-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 9874c5f8cb65ead0a68cc1ddd039b5dc247c7ebc03d8666d844faa381aad1314 |
| kernel-rt-debuginfo-common-x86_64-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: d7cdbdec5c02cfe47238fbfa6959dec148b7d4efc8e46f598614c53538f093e5 |
| kernel-rt-devel-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: bf66d8dcbefb306fb15b5e109f36ff3482cd49693bfc91db786d9fd42355c06d |
| kernel-rt-kvm-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 9f6697b6d22a6413778618135f0f6a2de3a3170de63f382b1c1caba1c9313516 |
| kernel-rt-modules-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: ada8a42e2e1ea31e91cd0d0b6df766ba1fca72f2d09ef815ad9f438f6254e490 |
| kernel-rt-modules-extra-4.18.0-553.27.1.rt7.368.el8_10.x86_64.rpm | SHA-256: 1d1f01d791e72f9dd4f0bc054fae4e28f9374c3715bd911f673b900d4caf5b13 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
