8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
76.1%
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
kernel: tun: double free in tun_free_netdev (CVE-2022-4744)
kernel: net/sched: cls_u32 component reference counter leak (CVE-2023-3609)
kernel: net/sched: sch_qfq vulnerability (CVE-2023-3611)
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)
kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)
kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait (CVE-2021-43975)
kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
kernel: use-after-free and info leak in l2cap_conn_del and l2cap_parse_conf_req (CVE-2022-3640, CVE-2022-42895)
kernel: double free in usb_8dev_start_xmit (CVE-2022-28388)
kernel: vmwgfx: multiple vulnerabilities (CVE-2022-38457, CVE-2022-40133, CVE-2023-33951, CVE-2023-33952)
hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)
kernel: KVM: multiple vulnerabilities (CVE-2022-45869, CVE-2023-4155, CVE-2023-30456)
kernel: memory leak in ttusb_dec_exit_dvb (CVE-2022-45887)
kernel: speculative pointer dereference in do_prlimit in kernel/sys.c (CVE-2023-0458)
kernel: use-after-free in qdisc_graft (CVE-2023-0590)
kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)
kernel: HID: check empty report_list in hid_validate_values (CVE-2023-1073)
kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)
kernel: hid: Use After Free in asus_remove (CVE-2023-1079)
kernel: use-after-free in drivers/media/rc/ene_ir.c (CVE-2023-1118)
kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)
kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)
kernel: denial of service in tipc_conn_close (CVE-2023-1382)
kernel: Use after free bug in btsdio_remove (CVE-2023-1989)
kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)
kernel: ext4: use-after-free in ext4_xattr_set_entry (CVE-2023-2513)
kernel: fbcon: shift-out-of-bounds in fbcon_set_font (CVE-2023-3161)
kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params (CVE-2023-3772)
kernel: smsusb: use-after-free caused by do_submit_urb (CVE-2023-4132)
kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (CVE-2023-4732)
Kernel: denial of service in atm_tc_enqueue (CVE-2023-23455)
kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)
kernel: Denial of service issue in az6027 driver (CVE-2023-28328)
kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)
kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)
kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove (CVE-2023-33203)
kernel: saa7134: race condition in saa7134_finidev (CVE-2023-35823)
kernel: dm1105: race condition in dm1105_remove.c (CVE-2023-35824)
kernel: r592: race condition in r592_remove (CVE-2023-35825)
kernel: net/tls: tls_is_tx_ready checked list_entry (CVE-2023-1075)
kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)
kernel: Use after free in r592_remove (CVE-2023-3141)
kernel: gfs2: NULL pointer dereference in gfs2_evict_inode (CVE-2023-3212)
For more details about the security issue(s), refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
76.1%