Lucene search

RedHatRHSA-2024:1367

HistoryMar 19, 2024 - 12:11 a.m.

(RHSA-2024:1367) Important: kernel security and bug fix update

2024-03-1900:11:19

access.redhat.com

kernel packages

linux operating system

security fix

bug fix

cve-2022-38096

cve-2022-41858

cve-2022-3545

cve-2023-2166

cve-2023-2176

cve-2023-31436

cve-2023-4459

cve-2023-3611

cve-2024-0646

cve-2023-6817

cve-2023-7192

jira:rhel-12696

jira:rhel-18194

jira:rhel-20296

jira:rhel-20695

jira:rhel-22088

jira:rhel-18580

jira:rhel-19696

jira:rhel-19108

jira:rhel-19325

jira:rhel-19449

jira:rhel-22763

jira:rhel-9162

jira:rhel-19459

jira:rhel-20906

jira:rhel-21782

jira:rhel-24201

rhel 8.5

memory cgroup commits

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

13.4%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)
kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)
kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (CVE-2023-4459)
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611)
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)
kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)

Bug Fix(es):

kernel: out-of-bounds write in qfq_change_class function (JIRA:RHEL-12696)
kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (JIRA:RHEL-18194)
kernel: refcount leak in ctnetlink_create_conntrack() (JIRA:RHEL-20296)
kernel: inactive elements in nft_pipapo_walk (JIRA:RHEL-20695)
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (JIRA:RHEL-22088)
kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (JIRA:RHEL-18580)
ipoib mcast lockup fix (JIRA:RHEL-19696)
dm multipath device suspend deadlocks waiting on a flush request (JIRA:RHEL-19108)
kernel: Slab-out-of-bound read in compare_netdev_and_ip (JIRA:RHEL-19325)
kernel: A flaw leading to a use-after-free in area_cache_get() (JIRA:RHEL-19449)
kernel: vmxgfx: NULL pointer dereference in vmw_cmd_dx_define_query (JIRA:RHEL-22763)
RHEL 8.5: Backport upstream memory cgroup commits up to v5.12 (JIRA:RHEL-9162)
kernel: NULL pointer dereference in can_rcv_filter (JIRA:RHEL-19459)
ceph: several cap and snap fixes (JIRA:RHEL-20906)
kernel NULL pointer at RIP: 0010:kyber_has_work+0x1c/0x60 (JIRA:RHEL-21782)
rbd: don’t move requests to the running list on errors [8.x] (JIRA:RHEL-24201)

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64kernel-devel< 4.18.0-305.125.1.el8_4kernel-devel-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat8ppc64lekernel-debug-debuginfo< 4.18.0-305.125.1.el8_4kernel-debug-debuginfo-4.18.0-305.125.1.el8_4.ppc64le.rpm
RedHat8x86_64kernel< 4.18.0-305.125.1.el8_4kernel-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat8x86_64bpftool< 4.18.0-305.125.1.el8_4bpftool-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat8x86_64perf-debuginfo< 4.18.0-305.125.1.el8_4perf-debuginfo-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat8x86_64python3-perf< 4.18.0-305.125.1.el8_4python3-perf-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat8ppc64lepython3-perf< 4.18.0-305.125.1.el8_4python3-perf-4.18.0-305.125.1.el8_4.ppc64le.rpm
RedHat8ppc64lebpftool< 4.18.0-305.125.1.el8_4bpftool-4.18.0-305.125.1.el8_4.ppc64le.rpm
RedHat8x86_64kernel-cross-headers< 4.18.0-305.125.1.el8_4kernel-cross-headers-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat8x86_64kernel-debug-debuginfo< 4.18.0-305.125.1.el8_4kernel-debug-debuginfo-4.18.0-305.125.1.el8_4.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	kernel-devel	< 4.18.0-305.125.1.el8_4	kernel-devel-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat	8	ppc64le	kernel-debug-debuginfo	< 4.18.0-305.125.1.el8_4	kernel-debug-debuginfo-4.18.0-305.125.1.el8_4.ppc64le.rpm
RedHat	8	x86_64	kernel	< 4.18.0-305.125.1.el8_4	kernel-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat	8	x86_64	bpftool	< 4.18.0-305.125.1.el8_4	bpftool-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat	8	x86_64	perf-debuginfo	< 4.18.0-305.125.1.el8_4	perf-debuginfo-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat	8	x86_64	python3-perf	< 4.18.0-305.125.1.el8_4	python3-perf-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat	8	ppc64le	python3-perf	< 4.18.0-305.125.1.el8_4	python3-perf-4.18.0-305.125.1.el8_4.ppc64le.rpm
RedHat	8	ppc64le	bpftool	< 4.18.0-305.125.1.el8_4	bpftool-4.18.0-305.125.1.el8_4.ppc64le.rpm
RedHat	8	x86_64	kernel-cross-headers	< 4.18.0-305.125.1.el8_4	kernel-cross-headers-4.18.0-305.125.1.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-debug-debuginfo	< 4.18.0-305.125.1.el8_4	kernel-debug-debuginfo-4.18.0-305.125.1.el8_4.x86_64.rpm