RedHatRHSA-2024:1532(RHSA-2024:1532) Moderate: kernel security and bug fix update
7.4 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
4.9 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (CVE-2024-0565)
-
kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)
Bug Fix(es):
-
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (JIRA:RHEL-22081)
-
dpll: fix unordered unbind/bind registerer issues (JIRA:RHEL-25714)
-
update mm to upstream v6.0 (JIRA:RHEL-28164)
-
kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (JIRA:RHEL-26378)
-
ice: support features on new E810T variants (JIRA:RHEL-28589)
-
xfs_growfs: XFS_IOC_FSGROWFSDATA xfsctl failed: No space left on device (RHEL9) (JIRA:RHEL-28689)
Related
7.4 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
4.9 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%