[RHSA-2024:2004] kernel security and bug fix update
Severity
Important
Affected Packages
43
CVEs
5
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security fixes:
kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
kernel: irdma: Improper access control (CVE-2023-25775)
kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558)
This update also fixes the following bugs:
NFS client closes active connection (RHEL-22193)
kernel panic at __list_del_entry from smb2_reconnect_server (RHEL-26301)
kernel: race condition when call to VT_RESIZEX ioctl and vc_cons[i].d is already NULL, causing a NULL pointer dereference. (RHEL-28639)
kernel: net/sched: sch_hfsc UAF (RHEL-16458)
kernel: irdma: Improper access control (RHEL-6299)
The message in RHEL 7 ?stack-protector: Kernel stack is corrupted in:? is triggered because perf_trace_buf_prepare() does not verify that per_cpu array perf_trace_buf has allocated per_cpu buffers in it. (RHEL-18052)
[rhel7] gfs2: Invalid metadata access in punch_hole (RHEL-28785)
UDP packets dropped due to SELinux denial (RHEL-27751)
Boot fails with kernel panic at acpi_device_hid+0x6 (RHEL-8721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- RHSA-2024:2004
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2024:2004
- Published
-
2024-04-23T00:00:00
(4 months ago) - Modified
-
2024-04-23T00:00:00
(4 months ago) - Rights
- Copyright 2024 Red Hat, Inc.
- Other Advisories
-
-
ALAS-2023-1838
-
ALAS2-2023-2027
-
ALAS2-2023-2264
-
ALSA-2022:7683
-
ALSA-2023:3723
-
ALSA-2023:5244
-
ALSA-2024:0113
-
ALSA-2024:0897
-
ALSA-2024:3138
-
DSA-5480-1
-
DSA-5492-1
-
DSA-5594-1
-
ELSA-2022-7683
-
ELSA-2022-9761
-
ELSA-2023-13039
-
ELSA-2023-13043
-
ELSA-2023-3723
-
ELSA-2023-5244
-
ELSA-2024-0461
-
ELSA-2024-0897
-
ELSA-2024-12069
-
ELSA-2024-12094
-
ELSA-2024-12149
-
ELSA-2024-12150
-
ELSA-2024-12151
-
ELSA-2024-12153
-
ELSA-2024-12154
-
ELSA-2024-12159
-
ELSA-2024-12187
-
ELSA-2024-2004
-
ELSA-2024-2394
-
ELSA-2024-3138
-
MS:CVE-2023-4622
-
RHSA-2022:7444
-
RHSA-2022:7683
-
RHSA-2023:3708
-
RHSA-2023:3723
-
RHSA-2023:5244
-
RHSA-2023:5255
-
RHSA-2024:0089
-
RHSA-2024:0113
-
RHSA-2024:0134
-
RHSA-2024:0340
-
RHSA-2024:0876
-
RHSA-2024:0881
-
RHSA-2024:0897
-
RHSA-2024:1960
-
RHSA-2024:2003
-
RHSA-2024:2950
-
RHSA-2024:3138
-
RLSA-2022:7683
-
RLSA-2023:5244
-
RLSA-2024:3138
-
SSA:2023-172-02
-
SSA:2023-325-01
-
SUSE-SU-2022:2719-1
-
SUSE-SU-2022:2720-1
-
SUSE-SU-2022:2721-1
-
SUSE-SU-2022:2723-1
-
SUSE-SU-2022:2741-1
-
SUSE-SU-2022:2809-1
-
SUSE-SU-2022:2827-1
-
SUSE-SU-2022:2840-1
-
SUSE-SU-2022:2875-1
-
SUSE-SU-2022:2875-2
-
SUSE-SU-2022:2892-1
-
SUSE-SU-2022:2892-2
-
SUSE-SU-2022:2910-1
-
SUSE-SU-2022:3274-1
-
SUSE-SU-2022:4027-1
-
SUSE-SU-2022:4129-1
-
SUSE-SU-2023:0416-1
-
SUSE-SU-2023:2500-1
-
SUSE-SU-2023:2646-1
-
SUSE-SU-2023:2653-1
-
SUSE-SU-2023:2782-1
-
SUSE-SU-2023:2804-1
-
SUSE-SU-2023:2808-1
-
SUSE-SU-2023:2809-1
-
SUSE-SU-2023:2810-1
-
SUSE-SU-2023:2822-1
-
SUSE-SU-2023:2830-1
-
SUSE-SU-2023:2834-1
-
SUSE-SU-2023:2859-1
-
SUSE-SU-2023:2871-1
-
SUSE-SU-2023:3035-1
-
SUSE-SU-2023:3036-1
-
SUSE-SU-2023:3046-1
-
SUSE-SU-2023:3055-1
-
SUSE-SU-2023:3063-1
-
SUSE-SU-2023:3069-1
-
SUSE-SU-2023:3073-1
-
SUSE-SU-2023:3075-1
-
SUSE-SU-2023:3076-1
-
SUSE-SU-2023:3079-1
-
SUSE-SU-2023:3081-1
-
SUSE-SU-2023:3083-1
-
SUSE-SU-2023:3104-1
-
SUSE-SU-2023:3107-1
-
SUSE-SU-2023:3111-1
-
SUSE-SU-2023:3116-1
-
SUSE-SU-2023:3153-1
-
SUSE-SU-2023:4028-1
-
SUSE-SU-2023:4030-1
-
SUSE-SU-2023:4031-1
-
SUSE-SU-2023:4032-1
-
SUSE-SU-2023:4033-1
-
SUSE-SU-2023:4035-1
-
SUSE-SU-2023:4057-1
-
SUSE-SU-2023:4058-1
-
SUSE-SU-2023:4071-1
-
SUSE-SU-2023:4072-1
-
SUSE-SU-2023:4072-2
-
SUSE-SU-2023:4093-1
-
SUSE-SU-2023:4095-1
-
SUSE-SU-2023:4142-1
-
SUSE-SU-2023:4164-1
-
SUSE-SU-2023:4165-1
-
SUSE-SU-2023:4166-1
-
SUSE-SU-2023:4175-1
-
SUSE-SU-2023:4201-1
-
SUSE-SU-2023:4204-1
-
SUSE-SU-2023:4208-1
-
SUSE-SU-2023:4219-1
-
SUSE-SU-2023:4239-1
-
SUSE-SU-2023:4243-1
-
SUSE-SU-2023:4244-1
-
SUSE-SU-2023:4245-1
-
SUSE-SU-2023:4260-1
-
SUSE-SU-2023:4261-1
-
SUSE-SU-2023:4267-1
-
SUSE-SU-2023:4273-1
-
SUSE-SU-2023:4278-1
-
SUSE-SU-2023:4279-1
-
SUSE-SU-2023:4280-1
-
SUSE-SU-2023:4285-1
-
SUSE-SU-2023:4300-1
-
SUSE-SU-2023:4301-1
-
SUSE-SU-2023:4308-1
-
SUSE-SU-2023:4313-1
-
SUSE-SU-2023:4321-1
-
SUSE-SU-2023:4322-1
-
SUSE-SU-2023:4325-1
-
SUSE-SU-2023:4326-1
-
SUSE-SU-2023:4328-1
-
SUSE-SU-2023:4347-1
-
SUSE-SU-2023:4730-1
-
SUSE-SU-2023:4731-1
-
SUSE-SU-2023:4732-1
-
SUSE-SU-2023:4734-1
-
SUSE-SU-2023:4766-1
-
SUSE-SU-2023:4775-1
-
SUSE-SU-2023:4782-1
-
SUSE-SU-2023:4795-1
-
SUSE-SU-2023:4796-1
-
SUSE-SU-2023:4799-1
-
SUSE-SU-2023:4801-1
-
SUSE-SU-2023:4802-1
-
SUSE-SU-2023:4805-1
-
SUSE-SU-2023:4810-1
-
SUSE-SU-2023:4817-1
-
SUSE-SU-2023:4820-1
-
SUSE-SU-2023:4822-1
-
SUSE-SU-2023:4831-1
-
SUSE-SU-2023:4833-1
-
SUSE-SU-2023:4836-1
-
SUSE-SU-2023:4841-1
-
SUSE-SU-2023:4847-1
-
SUSE-SU-2023:4848-1
-
SUSE-SU-2023:4849-1
-
SUSE-SU-2023:4862-1
-
SUSE-SU-2023:4863-1
-
SUSE-SU-2023:4866-1
-
SUSE-SU-2023:4871-1
-
SUSE-SU-2023:4872-1
-
USN-6173-1
-
USN-6283-1
-
USN-6300-1
-
USN-6311-1
-
USN-6332-1
-
USN-6340-1
-
USN-6340-2
-
USN-6347-1
-
USN-6349-1
-
USN-6357-1
-
USN-6385-1
-
USN-6397-1
-
USN-6415-1
-
USN-6439-1
-
USN-6439-2
-
USN-6440-1
-
USN-6440-2
-
USN-6440-3
-
USN-6441-1
-
USN-6441-2
-
USN-6441-3
-
USN-6442-1
-
USN-6444-1
-
USN-6444-2
-
USN-6445-1
-
USN-6445-2
-
USN-6446-1
-
USN-6446-2
-
USN-6446-3
-
USN-6460-1
-
USN-6466-1
-
USN-6496-1
-
USN-6496-2
-
USN-6502-1
-
USN-6502-2
-
USN-6502-3
-
USN-6502-4
-
USN-6516-1
-
USN-6520-1
-
USN-6701-1
-
USN-6701-2
-
USN-6701-3
-
USN-6701-4
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 2112693 |
|
|
| Bugzilla | 2187308 |
|
|
| Bugzilla | 2231410 |
|
|
| Bugzilla | 2237757 |
|
|
| Bugzilla | 2237760 |
|
|
| RHSA | RHSA-2024:2004 |
|
|
| CVE | CVE-2020-36558 |
|
|
| CVE | CVE-2023-2002 |
|
|
| CVE | CVE-2023-25775 |
|
|
| CVE | CVE-2023-4622 |
|
|
| CVE | CVE-2023-4623 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/python-perf?arch=x86_64&distro=redhat-7 | redhat |
 python-perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/python-perf?arch=s390x&distro=redhat-7 | redhat |
python-perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/python-perf?arch=ppc64le&distro=redhat-7 | redhat |
python-perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/python-perf?arch=ppc64&distro=redhat-7 | redhat |
python-perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/perf?arch=x86_64&distro=redhat-7 | redhat |
perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/perf?arch=s390x&distro=redhat-7 | redhat |
perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/perf?arch=ppc64le&distro=redhat-7 | redhat |
perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/perf?arch=ppc64&distro=redhat-7 | redhat |
perf
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat |
kernel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel?arch=s390x&distro=redhat-7 | redhat |
kernel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat |
kernel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel?arch=ppc64&distro=redhat-7 | redhat |
kernel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-tools?arch=x86_64&distro=redhat-7 | redhat |
kernel-tools
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-tools?arch=ppc64le&distro=redhat-7 | redhat |
kernel-tools
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel-tools?arch=ppc64&distro=redhat-7 | redhat |
kernel-tools
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-tools-libs?arch=x86_64&distro=redhat-7 | redhat |
kernel-tools-libs
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-tools-libs?arch=ppc64le&distro=redhat-7 | redhat |
kernel-tools-libs
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel-tools-libs?arch=ppc64&distro=redhat-7 | redhat |
kernel-tools-libs
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-tools-libs-devel?arch=x86_64&distro=redhat-7 | redhat |
kernel-tools-libs-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-tools-libs-devel?arch=ppc64le&distro=redhat-7 | redhat |
kernel-tools-libs-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel-tools-libs-devel?arch=ppc64&distro=redhat-7 | redhat |
kernel-tools-libs-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-kdump?arch=s390x&distro=redhat-7 | redhat |
kernel-kdump
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/kernel-kdump-devel?arch=s390x&distro=redhat-7 | redhat |
kernel-kdump-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/kernel-doc?distro=redhat-7 | redhat |
kernel-doc
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ||
| Affected | pkg:rpm/redhat/kernel-devel?arch=x86_64&distro=redhat-7 | redhat |
kernel-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-devel?arch=s390x&distro=redhat-7 | redhat |
kernel-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/kernel-devel?arch=ppc64le&distro=redhat-7 | redhat |
kernel-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel-devel?arch=ppc64&distro=redhat-7 | redhat |
kernel-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-debug?arch=x86_64&distro=redhat-7 | redhat |
kernel-debug
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-debug?arch=s390x&distro=redhat-7 | redhat |
kernel-debug
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/kernel-debug?arch=ppc64le&distro=redhat-7 | redhat |
kernel-debug
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel-debug?arch=ppc64&distro=redhat-7 | redhat |
kernel-debug
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-debug-devel?arch=x86_64&distro=redhat-7 | redhat |
kernel-debug-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-debug-devel?arch=s390x&distro=redhat-7 | redhat |
kernel-debug-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/kernel-debug-devel?arch=ppc64le&distro=redhat-7 | redhat |
kernel-debug-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel-debug-devel?arch=ppc64&distro=redhat-7 | redhat |
kernel-debug-devel
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64le&distro=redhat-7 | redhat |
kernel-bootwrapper
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64&distro=redhat-7 | redhat |
kernel-bootwrapper
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 | |
| Affected | pkg:rpm/redhat/kernel-abi-whitelists?distro=redhat-7 | redhat |
kernel-abi-whitelists
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ||
| Affected | pkg:rpm/redhat/bpftool?arch=x86_64&distro=redhat-7 | redhat |
bpftool
|
< 3.10.0-1160.118.1.el7 | redhat-7 | x86_64 | |
| Affected | pkg:rpm/redhat/bpftool?arch=s390x&distro=redhat-7 | redhat |
bpftool
|
< 3.10.0-1160.118.1.el7 | redhat-7 | s390x | |
| Affected | pkg:rpm/redhat/bpftool?arch=ppc64le&distro=redhat-7 | redhat |
bpftool
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64le | |
| Affected | pkg:rpm/redhat/bpftool?arch=ppc64&distro=redhat-7 | redhat |
bpftool
|
< 3.10.0-1160.118.1.el7 | redhat-7 | ppc64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |