(RHSA-2024:2585) Moderate: kernel-rt security and bug fix update

2024-04-3014:02:51

access.redhat.com

real time linux kernel

fine-tuning

use-after-free

stack corruption

divide error

sys_membarrier

rhel-8.4.z batch 24

8.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)
kernel: netfilter: divide error in nft_limit_init (CVE-2021-46915)
kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)

Bug Fix(es):

kernel-rt: kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (JIRA:RHEL-20498)
TRIAGE CVE-2021-46915 kernel-rt: kernel: netfilter: divide error in nft_limit_init (JIRA:RHEL-29264)
kernel-rt: update RT source tree to the latest RHEL-8.4.z Batch 24 (JIRA:RHEL-29266)
kernel-rt: kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (JIRA:RHEL-26391)
kernel-rt: kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (JIRA:RHEL-29217)

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64kernel-rt-debuginfo< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-debuginfo-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-modules< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-debug-modules-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-core< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-core-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-modules-extra< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-modules-extra-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-modules< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-modules-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-core< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-debug-core-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-devel< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-debug-devel-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-debuginfo< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-debug-debuginfo-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-kvm< 4.18.0-305.130.1.rt7.206.el8_4kernel-rt-debug-kvm-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	kernel-rt-debuginfo	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-debuginfo-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-modules	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-debug-modules-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-core	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-core-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-modules-extra	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-modules-extra-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-modules	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-modules-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-core	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-debug-core-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-devel	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-debug-devel-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-debuginfo	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-debug-debuginfo-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-rt-debug-kvm	< 4.18.0-305.130.1.rt7.206.el8_4	kernel-rt-debug-kvm-4.18.0-305.130.1.rt7.206.el8_4.x86_64.rpm