[RHSA-2024:4352] kernel-rt security and bug fix update

Severity Important
Affected Packages 12
CVEs 58

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: tls (CVE-2024-26585, CVE-2024-26584, CVE-2024-26583)

  • kernel-rt: kernel: PCI interrupt mapping cause oops rhel-8

  • kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)

  • kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng (CVE-2023-52615)

  • kernel-rt: kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)

  • kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)

  • kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982)

  • kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)

  • kernel: wifi: mac80211: (CVE-2024-35789, CVE-2024-35838, CVE-2024-35845)

  • kernel: wifi: nl80211: reject iftype change with mesh ID change (CVE-2024-27410)

  • kernel: perf/core: Bail out early if the request AUX area is out of bound (CVE-2023-52835)

  • kernel: TCP-spoofed ghost ACKs and leak initial sequence number (CVE-2023-52881)

  • kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555)

  • kernel: ovl: fix leaked dentry (CVE-2021-46972)

  • kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (CVE-2021-47073)

  • kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions() (CVE-2023-52560)

  • kernel: ppp_async: limit MRU to 64K (CVE-2024-26675)

  • kernel: mm/swap: fix race when skipping swapcache (CVE-2024-26759)

  • kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment (CVE-2024-26907)

  • kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906)

  • kernel: net: ip_tunnel: prevent perpetual headroom growth (CVE-2024-26804)

  • kernel: net/usb: kalmia: avoid printing uninitialized value on error path (CVE-2023-52703)

  • kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs (CVE-2023-5090)

  • kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c (CVE-2023-52464)

  • kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)

  • kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)

  • kernel: net/bnx2x: Prevent access to a freed page in page_pool (CVE-2024-26859)

  • kernel: crypto: (CVE-2024-26974, CVE-2023-52813)

  • kernel: can: (CVE-2023-52878, CVE-2021-47456)

  • kernel: usb: (CVE-2023-52781, CVE-2023-52877)

  • kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)

  • kernel: usbnet: sanity check for maxpacket (CVE-2021-47495)

  • kernel: gro: fix ownership transfer (CVE-2024-35890)

  • kernel: erspan: make sure erspan_base_hdr is present in skb->head (CVE-2024-35888)

  • kernel: tipc: fix kernel warning when sending SYN message (CVE-2023-52700)

  • kernel: net/mlx5/mlxsw: (CVE-2024-35960, CVE-2024-36007, CVE-2024-35855)

  • kernel: net/mlx5e: (CVE-2024-35959, CVE-2023-52626, CVE-2024-35835)

  • kernel: mlxsw: (CVE-2024-35854, CVE-2024-35853, CVE-2024-35852)

  • kernel: net: (CVE-2024-35958, CVE-2021-47311, CVE-2021-47236, CVE-2021-47310)

  • kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (CVE-2024-36004)

  • kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)

  • kernel: udf: Fix NULL pointer dereference in udf_symlink function (CVE-2021-47353)

Bug Fix(es):

  • kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel (JIRA:RHEL-40882)

  • [rhel8.9][cxgb4]BUG: using smp_processor_id() in preemptible [00000000] code: ethtool/54735 (JIRA:RHEL-8779)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

ID RHSA-2024:4352
Severity important
URL https://access.redhat.com/errata/RHSA-2024:4352
Published 2024-07-08T00:00:00
Modified 2024-07-08T00:00:00
Rights Copyright 2024 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 1918601 https://bugzilla.redhat.com/1918601
Bugzilla 2248122 https://bugzilla.redhat.com/2248122
Bugzilla 2258875 https://bugzilla.redhat.com/2258875
Bugzilla 2265517 https://bugzilla.redhat.com/2265517
Bugzilla 2265519 https://bugzilla.redhat.com/2265519
Bugzilla 2265520 https://bugzilla.redhat.com/2265520
Bugzilla 2265800 https://bugzilla.redhat.com/2265800
Bugzilla 2266408 https://bugzilla.redhat.com/2266408
Bugzilla 2266831 https://bugzilla.redhat.com/2266831
Bugzilla 2267513 https://bugzilla.redhat.com/2267513
Bugzilla 2267518 https://bugzilla.redhat.com/2267518
Bugzilla 2267730 https://bugzilla.redhat.com/2267730
Bugzilla 2270093 https://bugzilla.redhat.com/2270093
Bugzilla 2271680 https://bugzilla.redhat.com/2271680
Bugzilla 2272692 https://bugzilla.redhat.com/2272692
Bugzilla 2272829 https://bugzilla.redhat.com/2272829
Bugzilla 2273204 https://bugzilla.redhat.com/2273204
Bugzilla 2273278 https://bugzilla.redhat.com/2273278
Bugzilla 2273423 https://bugzilla.redhat.com/2273423
Bugzilla 2273429 https://bugzilla.redhat.com/2273429
Bugzilla 2275604 https://bugzilla.redhat.com/2275604
Bugzilla 2275633 https://bugzilla.redhat.com/2275633
Bugzilla 2275635 https://bugzilla.redhat.com/2275635
Bugzilla 2275733 https://bugzilla.redhat.com/2275733
Bugzilla 2278337 https://bugzilla.redhat.com/2278337
Bugzilla 2278354 https://bugzilla.redhat.com/2278354
Bugzilla 2280434 https://bugzilla.redhat.com/2280434
Bugzilla 2281057 https://bugzilla.redhat.com/2281057
Bugzilla 2281113 https://bugzilla.redhat.com/2281113
Bugzilla 2281157 https://bugzilla.redhat.com/2281157
Bugzilla 2281165 https://bugzilla.redhat.com/2281165
Bugzilla 2281251 https://bugzilla.redhat.com/2281251
Bugzilla 2281253 https://bugzilla.redhat.com/2281253
Bugzilla 2281255 https://bugzilla.redhat.com/2281255
Bugzilla 2281257 https://bugzilla.redhat.com/2281257
Bugzilla 2281272 https://bugzilla.redhat.com/2281272
Bugzilla 2281350 https://bugzilla.redhat.com/2281350
Bugzilla 2281689 https://bugzilla.redhat.com/2281689
Bugzilla 2281693 https://bugzilla.redhat.com/2281693
Bugzilla 2281920 https://bugzilla.redhat.com/2281920
Bugzilla 2281923 https://bugzilla.redhat.com/2281923
Bugzilla 2281925 https://bugzilla.redhat.com/2281925
Bugzilla 2281953 https://bugzilla.redhat.com/2281953
Bugzilla 2281986 https://bugzilla.redhat.com/2281986
Bugzilla 2282394 https://bugzilla.redhat.com/2282394
Bugzilla 2282400 https://bugzilla.redhat.com/2282400
Bugzilla 2282471 https://bugzilla.redhat.com/2282471
Bugzilla 2282472 https://bugzilla.redhat.com/2282472
Bugzilla 2282581 https://bugzilla.redhat.com/2282581
Bugzilla 2282609 https://bugzilla.redhat.com/2282609
Bugzilla 2282612 https://bugzilla.redhat.com/2282612
Bugzilla 2282653 https://bugzilla.redhat.com/2282653
Bugzilla 2282680 https://bugzilla.redhat.com/2282680
Bugzilla 2282698 https://bugzilla.redhat.com/2282698
Bugzilla 2282712 https://bugzilla.redhat.com/2282712
Bugzilla 2282735 https://bugzilla.redhat.com/2282735
Bugzilla 2282902 https://bugzilla.redhat.com/2282902
Bugzilla 2282920 https://bugzilla.redhat.com/2282920
RHSA RHSA-2024:4352 https://access.redhat.com/errata/RHSA-2024:4352
CVE CVE-2020-26555 https://access.redhat.com/security/cve/CVE-2020-26555
CVE CVE-2021-46909 https://access.redhat.com/security/cve/CVE-2021-46909
CVE CVE-2021-46972 https://access.redhat.com/security/cve/CVE-2021-46972
CVE CVE-2021-47069 https://access.redhat.com/security/cve/CVE-2021-47069
CVE CVE-2021-47073 https://access.redhat.com/security/cve/CVE-2021-47073
CVE CVE-2021-47236 https://access.redhat.com/security/cve/CVE-2021-47236
CVE CVE-2021-47310 https://access.redhat.com/security/cve/CVE-2021-47310
CVE CVE-2021-47311 https://access.redhat.com/security/cve/CVE-2021-47311
CVE CVE-2021-47353 https://access.redhat.com/security/cve/CVE-2021-47353
CVE CVE-2021-47356 https://access.redhat.com/security/cve/CVE-2021-47356
CVE CVE-2021-47456 https://access.redhat.com/security/cve/CVE-2021-47456
CVE CVE-2021-47495 https://access.redhat.com/security/cve/CVE-2021-47495
CVE CVE-2023-5090 https://access.redhat.com/security/cve/CVE-2023-5090
CVE CVE-2023-52464 https://access.redhat.com/security/cve/CVE-2023-52464
CVE CVE-2023-52560 https://access.redhat.com/security/cve/CVE-2023-52560
CVE CVE-2023-52615 https://access.redhat.com/security/cve/CVE-2023-52615
CVE CVE-2023-52626 https://access.redhat.com/security/cve/CVE-2023-52626
CVE CVE-2023-52667 https://access.redhat.com/security/cve/CVE-2023-52667
CVE CVE-2023-52700 https://access.redhat.com/security/cve/CVE-2023-52700
CVE CVE-2023-52703 https://access.redhat.com/security/cve/CVE-2023-52703
CVE CVE-2023-52781 https://access.redhat.com/security/cve/CVE-2023-52781
CVE CVE-2023-52813 https://access.redhat.com/security/cve/CVE-2023-52813
CVE CVE-2023-52835 https://access.redhat.com/security/cve/CVE-2023-52835
CVE CVE-2023-52877 https://access.redhat.com/security/cve/CVE-2023-52877
CVE CVE-2023-52878 https://access.redhat.com/security/cve/CVE-2023-52878
CVE CVE-2023-52881 https://access.redhat.com/security/cve/CVE-2023-52881
CVE CVE-2024-26583 https://access.redhat.com/security/cve/CVE-2024-26583
CVE CVE-2024-26584 https://access.redhat.com/security/cve/CVE-2024-26584
CVE CVE-2024-26585 https://access.redhat.com/security/cve/CVE-2024-26585
CVE CVE-2024-26656 https://access.redhat.com/security/cve/CVE-2024-26656
CVE CVE-2024-26675 https://access.redhat.com/security/cve/CVE-2024-26675
CVE CVE-2024-26735 https://access.redhat.com/security/cve/CVE-2024-26735
CVE CVE-2024-26759 https://access.redhat.com/security/cve/CVE-2024-26759
CVE CVE-2024-26801 https://access.redhat.com/security/cve/CVE-2024-26801
CVE CVE-2024-26804 https://access.redhat.com/security/cve/CVE-2024-26804
CVE CVE-2024-26826 https://access.redhat.com/security/cve/CVE-2024-26826
CVE CVE-2024-26859 https://access.redhat.com/security/cve/CVE-2024-26859
CVE CVE-2024-26906 https://access.redhat.com/security/cve/CVE-2024-26906
CVE CVE-2024-26907 https://access.redhat.com/security/cve/CVE-2024-26907
CVE CVE-2024-26974 https://access.redhat.com/security/cve/CVE-2024-26974
CVE CVE-2024-26982 https://access.redhat.com/security/cve/CVE-2024-26982
CVE CVE-2024-27397 https://access.redhat.com/security/cve/CVE-2024-27397
CVE CVE-2024-27410 https://access.redhat.com/security/cve/CVE-2024-27410
CVE CVE-2024-35789 https://access.redhat.com/security/cve/CVE-2024-35789
CVE CVE-2024-35835 https://access.redhat.com/security/cve/CVE-2024-35835
CVE CVE-2024-35838 https://access.redhat.com/security/cve/CVE-2024-35838
CVE CVE-2024-35845 https://access.redhat.com/security/cve/CVE-2024-35845
CVE CVE-2024-35852 https://access.redhat.com/security/cve/CVE-2024-35852
CVE CVE-2024-35853 https://access.redhat.com/security/cve/CVE-2024-35853
CVE CVE-2024-35854 https://access.redhat.com/security/cve/CVE-2024-35854
CVE CVE-2024-35855 https://access.redhat.com/security/cve/CVE-2024-35855
CVE CVE-2024-35888 https://access.redhat.com/security/cve/CVE-2024-35888
CVE CVE-2024-35890 https://access.redhat.com/security/cve/CVE-2024-35890
CVE CVE-2024-35958 https://access.redhat.com/security/cve/CVE-2024-35958
CVE CVE-2024-35959 https://access.redhat.com/security/cve/CVE-2024-35959
CVE CVE-2024-35960 https://access.redhat.com/security/cve/CVE-2024-35960
CVE CVE-2024-36004 https://access.redhat.com/security/cve/CVE-2024-36004
CVE CVE-2024-36007 https://access.redhat.com/security/cve/CVE-2024-36007
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-8.10 redhat kernel-rt < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-modules?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-modules < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-modules-extra?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-modules-extra < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-kvm?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-kvm < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-devel < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-debug < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-modules?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-debug-modules < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-modules-extra?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-debug-modules-extra < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-kvm?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-debug-kvm < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-debug-devel < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-debug-core?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-debug-core < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64
Affected pkg:rpm/redhat/kernel-rt-core?arch=x86_64&distro=redhat-8.10 redhat kernel-rt-core < 4.18.0-553.8.1.rt7.349.el8_10 redhat-8.10 x86_64