1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2024:0881

[RHSA-2024:0881] kernel-rt security update

Severity Important
Affected Packages 12
CVEs 19
Info Packages References Vulnerabilities

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)

  • kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)

  • kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)

  • kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)

  • kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)

  • kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)

  • kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)

  • kernel: HID: check empty report_list in hid_validate_values() (CVE-2023-1073)

  • kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() (CVE-2023-1838)

  • kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)

  • kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)

  • kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child's sibling_list (CVE-2023-5717)

  • kernel: NULL pointer dereference in nvmet_tcp_build_iovec (CVE-2023-6356)

  • kernel: NULL pointer dereference in nvmet_tcp_execute_request (CVE-2023-6535)

  • kernel: NULL pointer dereference in __nvmet_req_complete (CVE-2023-6536)

  • kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606)

  • kernel: OOB Access in smb2_dump_detail (CVE-2023-6610)

  • kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)

  • kernel: SEV-ES local priv escalation (CVE-2023-46813)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-modules?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-modules-extra?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-kvm?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-debug-modules?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-debug-modules-extra?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-debug-kvm?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-debug-core?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
pkg:rpm/redhat/kernel-rt-core?arch=x86_64&distro=redhat-8.9 < 4.18.0-513.18.1.rt7.320.el8_9
ID
RHSA-2024:0881
Severity
important
URL
https://access.redhat.com/errata/RHSA-2024:0881
Published
2024-02-20T00:00:00
(6 months ago)
Modified
2024-02-20T00:00:00
(6 months ago)
Rights
Copyright 2024 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 2087568 https://bugzilla.redhat.com/2087568
Bugzilla 2144379 https://bugzilla.redhat.com/2144379
Bugzilla 2161310 https://bugzilla.redhat.com/2161310
Bugzilla 2173403 https://bugzilla.redhat.com/2173403
Bugzilla 2187813 https://bugzilla.redhat.com/2187813
Bugzilla 2187931 https://bugzilla.redhat.com/2187931
Bugzilla 2231800 https://bugzilla.redhat.com/2231800
Bugzilla 2237757 https://bugzilla.redhat.com/2237757
Bugzilla 2244723 https://bugzilla.redhat.com/2244723
Bugzilla 2245514 https://bugzilla.redhat.com/2245514
Bugzilla 2246944 https://bugzilla.redhat.com/2246944
Bugzilla 2246945 https://bugzilla.redhat.com/2246945
Bugzilla 2253611 https://bugzilla.redhat.com/2253611
Bugzilla 2253614 https://bugzilla.redhat.com/2253614
Bugzilla 2253908 https://bugzilla.redhat.com/2253908
Bugzilla 2254052 https://bugzilla.redhat.com/2254052
Bugzilla 2254053 https://bugzilla.redhat.com/2254053
Bugzilla 2254054 https://bugzilla.redhat.com/2254054
Bugzilla 2255139 https://bugzilla.redhat.com/2255139
RHSA RHSA-2024:0881 https://access.redhat.com/errata/RHSA-2024:0881
CVE CVE-2022-3545 https://access.redhat.com/security/cve/CVE-2022-3545
CVE CVE-2022-41858 https://access.redhat.com/security/cve/CVE-2022-41858
CVE CVE-2023-1073 https://access.redhat.com/security/cve/CVE-2023-1073
CVE CVE-2023-1838 https://access.redhat.com/security/cve/CVE-2023-1838
CVE CVE-2023-2166 https://access.redhat.com/security/cve/CVE-2023-2166
CVE CVE-2023-2176 https://access.redhat.com/security/cve/CVE-2023-2176
CVE CVE-2023-40283 https://access.redhat.com/security/cve/CVE-2023-40283
CVE CVE-2023-45871 https://access.redhat.com/security/cve/CVE-2023-45871
CVE CVE-2023-4623 https://access.redhat.com/security/cve/CVE-2023-4623
CVE CVE-2023-46813 https://access.redhat.com/security/cve/CVE-2023-46813
CVE CVE-2023-4921 https://access.redhat.com/security/cve/CVE-2023-4921
CVE CVE-2023-5717 https://access.redhat.com/security/cve/CVE-2023-5717
CVE CVE-2023-6356 https://access.redhat.com/security/cve/CVE-2023-6356
CVE CVE-2023-6535 https://access.redhat.com/security/cve/CVE-2023-6535
CVE CVE-2023-6536 https://access.redhat.com/security/cve/CVE-2023-6536
CVE CVE-2023-6606 https://access.redhat.com/security/cve/CVE-2023-6606
CVE CVE-2023-6610 https://access.redhat.com/security/cve/CVE-2023-6610
CVE CVE-2023-6817 https://access.redhat.com/security/cve/CVE-2023-6817
CVE CVE-2024-0646 https://access.redhat.com/security/cve/CVE-2024-0646
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-8.9 redhat kernel-rt < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-modules?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-modules < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-modules-extra?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-modules-extra < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-kvm?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-kvm < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-devel < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-debug < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-modules?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-debug-modules < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-modules-extra?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-debug-modules-extra < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-kvm?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-debug-kvm < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-debug-devel < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-core?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-debug-core < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
Affected pkg:rpm/redhat/kernel-rt-core?arch=x86_64&distro=redhat-8.9 redhat kernel-rt-core < 4.18.0-513.18.1.rt7.320.el8_9 redhat-8.9 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date