(RHSA-2024:2008) Important: kernel-rt security update

2024-04-2316:20:36

access.redhat.com

kernel-rt

security update

real time linux kernel

high determinism

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

19.1%

JSON

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)
kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (CVE-2023-4459)
kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)
kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)
kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)
kernel: netfilter: divide error in nft_limit_init (CVE-2021-46915)
kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64kernel-rt-debug< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-debug-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-kvm< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-kvm-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-debug-kvm< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-debug-kvm-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-debug-devel< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-debug-devel-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-core< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-core-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-debug-modules-extra< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-debug-modules-extra-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-modules< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-modules-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-debug-modules< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-debug-modules-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-devel< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-devel-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat8x86_64kernel-rt-debug-debuginfo< 4.18.0-193.133.1.rt13.184.el8_2kernel-rt-debug-debuginfo-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	kernel-rt-debug	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-debug-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-kvm	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-kvm-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-kvm	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-debug-kvm-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-devel	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-debug-devel-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-core	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-core-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-modules-extra	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-debug-modules-extra-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-modules	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-modules-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-modules	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-debug-modules-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-devel	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-devel-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-debuginfo	< 4.18.0-193.133.1.rt13.184.el8_2	kernel-rt-debug-debuginfo-4.18.0-193.133.1.rt13.184.el8_2.x86_64.rpm