Lucene search

RedHatRHSA-2024:0724

HistoryFeb 07, 2024 - 4:01 p.m.

(RHSA-2024:0724) Important: kernel security and bug fix update

2024-02-0716:01:29

access.redhat.com

kernel packages

linux kernel

use-after-free

privilege escalation

memory leak

buffer overflow

denial of service

local privilege escalation

vulnerability

cve-2023-4921

cve-2023-6817

cve-2024-0646

cve-2021-3640

cve-2021-4204

cve-2021-30002

cve-2021-34866

cve-2022-0168

cve-2022-0500

cve-2022-0617

cve-2022-1462

cve-2022-2078

cve-2022-2586

cve-2022-2663

cve-2022-3524

cve-2022-3545

cve-2022-3566

cve-2022-3594

cve-2022-3619

cve-2022-3623

cve-2022-3707

cve-2022-21499

cve-2022-23222

cve-2022-25265

cve-2022-28388

cve-2022-28390

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.5%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)
kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
kernel: use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640)
kernel: improper input validation may lead to privilege escalation (CVE-2021-4204)
kernel: memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c (CVE-2021-30002)
kernel: eBPF verification flaw (CVE-2021-34866)
kernel: smb2_ioctl_query_info NULL pointer dereference (CVE-2022-0168)
kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges (CVE-2022-0500)
kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617)
kernel: possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
kernel: buffer overflow in nft_set_desc_concat_parse() (CVE-2022-2078)
kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586)
kernel: netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
kernel: memory leak in ipv6_renew_options() (CVE-2022-3524)
kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
kernel: possible to use the debugger to write zero into a location of choice (CVE-2022-21499)
kernel: local privileges escalation in kernel/bpf/verifier.c (CVE-2022-23222)
kernel: Executable Space Protection Bypass (CVE-2022-25265)
kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)
kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390)

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64kernel-debug-core< 4.18.0-372.91.1.el8_6kernel-debug-core-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat8ppc64lekernel-cross-headers< 4.18.0-372.91.1.el8_6kernel-cross-headers-4.18.0-372.91.1.el8_6.ppc64le.rpm
RedHat8x86_64bpftool< 4.18.0-372.91.1.el8_6bpftool-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat8x86_64kernel-debug-modules-extra< 4.18.0-372.91.1.el8_6kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat8ppc64lekernel-debug-modules-extra< 4.18.0-372.91.1.el8_6kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.ppc64le.rpm
RedHat8aarch64kernel-debug-core< 4.18.0-372.91.1.el8_6kernel-debug-core-4.18.0-372.91.1.el8_6.aarch64.rpm
RedHat8ppc64lekernel-tools-libs-devel< 4.18.0-372.91.1.el8_6kernel-tools-libs-devel-4.18.0-372.91.1.el8_6.ppc64le.rpm
RedHat8x86_64kernel-tools-libs< 4.18.0-372.91.1.el8_6kernel-tools-libs-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat8s390xkernel-core< 4.18.0-372.91.1.el8_6kernel-core-4.18.0-372.91.1.el8_6.s390x.rpm
RedHat8aarch64kernel-headers< 4.18.0-372.91.1.el8_6kernel-headers-4.18.0-372.91.1.el8_6.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	kernel-debug-core	< 4.18.0-372.91.1.el8_6	kernel-debug-core-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat	8	ppc64le	kernel-cross-headers	< 4.18.0-372.91.1.el8_6	kernel-cross-headers-4.18.0-372.91.1.el8_6.ppc64le.rpm
RedHat	8	x86_64	bpftool	< 4.18.0-372.91.1.el8_6	bpftool-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat	8	x86_64	kernel-debug-modules-extra	< 4.18.0-372.91.1.el8_6	kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat	8	ppc64le	kernel-debug-modules-extra	< 4.18.0-372.91.1.el8_6	kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.ppc64le.rpm
RedHat	8	aarch64	kernel-debug-core	< 4.18.0-372.91.1.el8_6	kernel-debug-core-4.18.0-372.91.1.el8_6.aarch64.rpm
RedHat	8	ppc64le	kernel-tools-libs-devel	< 4.18.0-372.91.1.el8_6	kernel-tools-libs-devel-4.18.0-372.91.1.el8_6.ppc64le.rpm
RedHat	8	x86_64	kernel-tools-libs	< 4.18.0-372.91.1.el8_6	kernel-tools-libs-4.18.0-372.91.1.el8_6.x86_64.rpm
RedHat	8	s390x	kernel-core	< 4.18.0-372.91.1.el8_6	kernel-core-4.18.0-372.91.1.el8_6.s390x.rpm
RedHat	8	aarch64	kernel-headers	< 4.18.0-372.91.1.el8_6	kernel-headers-4.18.0-372.91.1.el8_6.aarch64.rpm