7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
76.1%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c (CVE-2021-43975)
kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)
kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)
kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
kernel: denial of service in tipc_conn_close (CVE-2023-1382)
kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (CVE-2023-28772)
kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)
kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606)
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)
kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)
Bug Fix(es):
The kernel is still getting hung up even after converting kernfs_mutex to kernfs_rwsem with massive concurrent kernfs access (open & lookup) performed by kubelet/node_exporter threads. (JIRA:RHEL-17149)
kernel: Rate limit overflow messages in r8152 in intr_callback (JIRA:RHEL-18810)
kernel: tun: avoid double free in tun_free_netdev (JIRA:RHEL-18813)
kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow (JIRA:RHEL-18850)
kernel: NULL pointer dereference in can_rcv_filter (JIRA:RHEL-19461)
ipoib mcast lockup fix (JIRA:RHEL-19698)
kernel: denial of service in tipc_conn_close (JIRA:RHEL-18824)
Rhel-8.6 crash at qed_get_current_link+0x11 during tx_timeout recovery (JIRA:RHEL-20923)
kernel: use-after-free in sch_qfq network scheduler (JIRA:RHEL-14402)
RHEL8.6 - s390/qeth: NET2016 - fix use-after-free in HSCI (JIRA:RHEL-15849)
RHEL8.6 - s390/qeth: recovery and set offline lose routes and IPv6 addr (JIRA:RHEL-17883)
kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (JIRA:RHEL-18582)
kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c (JIRA:RHEL-18799)
kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (JIRA:RHEL-18814)
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (JIRA:RHEL-18998)
dm multipath device suspend deadlocks waiting on a flush request (JIRA:RHEL-19110)
kernel: Slab-out-of-bound read in compare_netdev_and_ip (JIRA:RHEL-19327)
kernel: A flaw leading to a use-after-free in area_cache_get() (JIRA:RHEL-19451)
[RHEL8] I/O blocked during fio background with IO schedule switch, cpu offline/online, pci nvme rescan/reset (JIRA:RHEL-20231)
kernel: refcount leak in ctnetlink_create_conntrack() (JIRA:RHEL-20298)
kernel: inactive elements in nft_pipapo_walk (JIRA:RHEL-20697)
kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (JIRA:RHEL-21661)
kernel NULL pointer at RIP: 0010:kyber_has_work+0x1c/0x60 (JIRA:RHEL-21784)
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (JIRA:RHEL-22090)
backport timerlat user-space support (JIRA:RHEL-20361)
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
76.1%