RedHatRHSA-2024:1268(RHSA-2024:1268) Important: kernel security and bug fix update
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.5%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001,ZDI-CAN-20721)
-
hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982,Downfall)
-
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611)
-
kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)
-
kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
-
kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
-
kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
-
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
-
kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)
-
kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)
-
kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)
-
kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)
-
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
-
kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390)
-
kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)
-
kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)
Bug Fix(es):
-
kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (JIRA:RHEL-1203)
-
How to reduce or prevent thousands of kworker/events_freezable_power_efficient threads being created every time multipath -ll is run (JIRA:RHEL-15054)
-
kernel: net/sched: sch_hfsc UAF (JIRA:RHEL-16461)
-
[SanityOnly][kernel]BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:35 at: sock_map_update_elem_sys+0x85/0x2a0 (JIRA:RHEL-6126)
-
kernel: hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (JIRA:RHEL-9246)
-
ipoib mcast lockup fix (JIRA:RHEL-19695)
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.5%