7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
13.3%
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)
null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
nfp: use-after-free in area_cache_get() (CVE-2022-3545)
NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
out-of-bounds write in qfq_change_class function (CVE-2023-31436)
NULL pointer dereference in vmxnet3_rq_cleanup() (CVE-2023-4459)
net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611)
ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
inactive elements in nft_pipapo_walk (CVE-2023-6817)
refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)
Bug Fix(es):
out-of-bounds write in qfq_change_class function (JIRA:RHEL-12700)
vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (JIRA:RHEL-18192)
refcount leak in ctnetlink_create_conntrack() (JIRA:RHEL-20302)
inactive elements in nft_pipapo_walk (JIRA:RHEL-20703)
ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (JIRA:RHEL-22099)
update RT source tree to the latest RHEL-8.4.z Batch 23 (JIRA:RHEL-23825)
null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (JIRA:RHEL-19023)
Slab-out-of-bound read in compare_netdev_and_ip (JIRA:RHEL-19404)
A flaw leading to a use-after-free in area_cache_get() (JIRA:RHEL-19530)
vmxgfx: NULL pointer dereference in vmw_cmd_dx_define_query (JIRA:RHEL-22755)
NULL pointer dereference in can_rcv_filter (JIRA:RHEL-19520)
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
13.3%