8.1 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
8.8 High
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.7%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c (CVE-2021-43975)
kernel: memory leak in drivers/hid/hid-elo.c (CVE-2022-27950)
kernel: use-after-free in tc_new_tfilter() in net/sched/cls_api.c (CVE-2022-1055)
kernel: use-after-free when psi trigger is destroyed while being polled (CVE-2022-2938)
kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)
kernel: use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)
kernel: Denial of service in beacon protection for P2P-device (CVE-2022-42722)
kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869)
kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)
kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606)
kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (CVE-2024-0565)
kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (CVE-2023-51043)
Bug Fix(es):
kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans() (JIRA:RHEL-18732)
kernel: use-after-free in bss_ref_get in net/wireless/scan.c (JIRA:RHEL-18733)
kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (JIRA:RHEL-18734)
kernel: Denial of service in beacon protection for P2P-device (JIRA:RHEL-18735)
kernel: x86/mm: Randomize per-cpu entry area (JIRA:RHEL-18817)
kernel: KVM: x86/mmu: race condition in direct_page_fault() (JIRA:RHEL-18829)
kernel: refcount leak in ctnetlink_create_conntrack() (JIRA:RHEL-20297)
kernel: use-after-free in tc_new_tfilter() in net/sched/cls_api.c (JIRA:RHEL-20363)
kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (JIRA:RHEL-21660)
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (JIRA:RHEL-22075)
kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (JIRA:RHEL-23475)
kernel: memory leak in drivers/hid/hid-elo.c (JIRA:RHEL-18557)
kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c (JIRA:RHEL-18798)
kernel: use-after-free when psi trigger is destroyed while being polled (JIRA:RHEL-21919)
[RHVH] Migration hangs between RHVH release bellow 4.5.1 and RHVH over or equal 4.5.2 release (JIRA:RHEL-23061)
backport smartpqi: fix disable_managed_interrupts (JIRA:RHEL-26137)
Enhancement(s):
[MCHP 8.7 FEAT] Update smartpqi driver to latest upstream Second Set of Patches (JIRA:RHEL-21592)
[IBM 8.10 FEAT] Upgrade the qeth driver to latest from upstream, e.g. kernel 6.4 (JIRA:RHEL-25809)
8.1 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
8.8 High
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.7%