Red Hat Product Errata RHSA-2024:9943 - Security Advisory
Issued:
2024-11-19
Updated:
2024-11-19

RHSA-2024:9943 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: blk-mq: fix IO hang from sbitmap wakeup race (CVE-2024-26671)
  • kernel: iommu: Fix potential use-after-free during probe (CVE-2022-48796)
  • kernel: mptcp: pm: Fix uaf in __timer_delete_sync (CVE-2024-46858)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

Fixes

  • BZ - 2272811 - CVE-2024-26671 kernel: blk-mq: fix IO hang from sbitmap wakeup race
  • BZ - 2298132 - CVE-2022-48796 kernel: iommu: Fix potential use-after-free during probe
  • BZ - 2315210 - CVE-2024-46858 kernel: mptcp: pm: Fix uaf in __timer_delete_sync

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
kernel-rt-5.14.0-70.121.1.rt21.193.el9_0.src.rpm SHA-256: e6ea3b4bf528bf7acb3197e9717057c99da7fc92220eab468d9b77b0bf45a2fd
x86_64
kernel-rt-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 6d227dd028f9fa8d6a7c3873839b856a35e6aca77b624dc96bb55f754e34c5db
kernel-rt-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 6d227dd028f9fa8d6a7c3873839b856a35e6aca77b624dc96bb55f754e34c5db
kernel-rt-core-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 125ff8e70f9e2e5f6c0bf508e3a505b1ebbc20a68a1b42def3ac742dea3c63ea
kernel-rt-core-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 125ff8e70f9e2e5f6c0bf508e3a505b1ebbc20a68a1b42def3ac742dea3c63ea
kernel-rt-debug-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 5d98ee02140d9c3c07e511c12e03b6de6ee98d6d9013fbe34c4f0dbb06ef784a
kernel-rt-debug-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 5d98ee02140d9c3c07e511c12e03b6de6ee98d6d9013fbe34c4f0dbb06ef784a
kernel-rt-debug-core-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 4009668dc9bd4cbe3dd8d08d27cb5938ad75ee291c5b49320eaa0ae0be733705
kernel-rt-debug-core-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 4009668dc9bd4cbe3dd8d08d27cb5938ad75ee291c5b49320eaa0ae0be733705
kernel-rt-debug-debuginfo-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 011bb1a57d427e7a7d941c0a810e0f2e88b82bc016c3aaeabef4a6254935c1f5
kernel-rt-debug-debuginfo-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 011bb1a57d427e7a7d941c0a810e0f2e88b82bc016c3aaeabef4a6254935c1f5
kernel-rt-debug-devel-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: d8db5490082d772d90a290ae7bbf6b9299c27620568edc4be462833dc74a81bf
kernel-rt-debug-devel-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: d8db5490082d772d90a290ae7bbf6b9299c27620568edc4be462833dc74a81bf
kernel-rt-debug-kvm-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 7e2802051c9203bd5a1ebde4cf9c24bf284146953a17cafad52ddb185f49813b
kernel-rt-debug-modules-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: b85e9468775d92be44193f7368983fc8bf49ce0a73a1b5b2d9cf2b08093c3b0d
kernel-rt-debug-modules-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: b85e9468775d92be44193f7368983fc8bf49ce0a73a1b5b2d9cf2b08093c3b0d
kernel-rt-debug-modules-extra-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: a3d0a895b21ae519f8b1765b783d5fbfe300a3a631fbdb8b89656585c61fc92e
kernel-rt-debug-modules-extra-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: a3d0a895b21ae519f8b1765b783d5fbfe300a3a631fbdb8b89656585c61fc92e
kernel-rt-debuginfo-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: b3ab5dbf16767bdca4b291f7ed0284d10af7af25ba7da21491f63eec73499960
kernel-rt-debuginfo-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: b3ab5dbf16767bdca4b291f7ed0284d10af7af25ba7da21491f63eec73499960
kernel-rt-debuginfo-common-x86_64-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 8393e72cb5e2698ed41a094a7c9f87adfa7aaa38e908dc6559ad72761e92bf3c
kernel-rt-debuginfo-common-x86_64-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 8393e72cb5e2698ed41a094a7c9f87adfa7aaa38e908dc6559ad72761e92bf3c
kernel-rt-devel-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 3de8309aee2cbbadd7234f50afe3f83107a410dbf9aa38414355e4f21fd288fd
kernel-rt-devel-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 3de8309aee2cbbadd7234f50afe3f83107a410dbf9aa38414355e4f21fd288fd
kernel-rt-kvm-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 2d574b49c73ee30f40cd3612ea9bc08d2fd7ab0b5e39d319bcd4b601efbcab90
kernel-rt-modules-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 23332b29ef9b7e5e4e4199f55bfc95d11bfab6f5356a522a1cc69f29fbc576b9
kernel-rt-modules-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 23332b29ef9b7e5e4e4199f55bfc95d11bfab6f5356a522a1cc69f29fbc576b9
kernel-rt-modules-extra-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 0e9323fed5a89ed4213372459ea75332a158522cab48c96883deff28157156ef
kernel-rt-modules-extra-5.14.0-70.121.1.rt21.193.el9_0.x86_64.rpm SHA-256: 0e9323fed5a89ed4213372459ea75332a158522cab48c96883deff28157156ef

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.