Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:2621
HistoryApr 30, 2024 - 4:31 p.m.

(RHSA-2024:2621) Important: kernel security, bug fix, and enhancement update

2024-04-3016:31:58
access.redhat.com
5
kernel
security
bug fix
enhancement
l2cap_conn_del
l2cap_parse_conf_req
gsm multiplexing
ext4_write_inline_data_end
privilege escalation
tx-checksumming
ceph
smsc95xx
qeth driver

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

49.8%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (CVE-2022-3640)

  • kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c (CVE-2022-42895)

  • kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546,ZDI-CAN-20527)

  • kernel: ext4: kernel bug in ext4_write_inline_data_end() (CVE-2021-33631)

  • kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)

Bug Fix(es):

  • kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (JIRA:RHEL-18806)

  • tx-checksumming required for accessing port in OpenShift for RHEL 8.6 (JIRA:RHEL-20821)

  • ceph: several cap and snap fixes (JIRA:RHEL-20908)

  • unable to access smsc95xx based interface unless you start outgoing traffic. (JIRA:RHEL-25718)

  • [RHEL8] ] BUG bio-696 (Not tainted): Poison overwritten (JIRA:RHEL-26100)

  • kernel: ext4: kernel bug in ext4_write_inline_data_end() (JIRA:RHEL-26330)

  • kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c (JIRA:RHEL-18808)

  • kernel: GSM multiplexing race condition leads to privilege escalation (JIRA:RHEL-19953)

Enhancement(s):

  • [IBM 8.10 FEAT] Upgrade the qeth driver to latest from upstream, e.g. kernel 6.4 (JIRA:RHEL-25810)
OSVersionArchitecturePackageVersionFilename
RedHat8s390xkernel-tools< 4.18.0-477.55.1.el8_8kernel-tools-4.18.0-477.55.1.el8_8.s390x.rpm
RedHat8s390xpython3-perf-debuginfo< 4.18.0-477.55.1.el8_8python3-perf-debuginfo-4.18.0-477.55.1.el8_8.s390x.rpm
RedHat8ppc64lekernel-core< 4.18.0-477.55.1.el8_8kernel-core-4.18.0-477.55.1.el8_8.ppc64le.rpm
RedHat8aarch64kernel-cross-headers< 4.18.0-477.55.1.el8_8kernel-cross-headers-4.18.0-477.55.1.el8_8.aarch64.rpm
RedHat8ppc64lekernel-debug-modules< 4.18.0-477.55.1.el8_8kernel-debug-modules-4.18.0-477.55.1.el8_8.ppc64le.rpm
RedHat8s390xkernel-debuginfo< 4.18.0-477.55.1.el8_8kernel-debuginfo-4.18.0-477.55.1.el8_8.s390x.rpm
RedHat8x86_64kernel< 4.18.0-477.55.1.el8_8kernel-4.18.0-477.55.1.el8_8.x86_64.rpm
RedHat8ppc64leperf-debuginfo< 4.18.0-477.55.1.el8_8perf-debuginfo-4.18.0-477.55.1.el8_8.ppc64le.rpm
RedHat8s390xbpftool< 4.18.0-477.55.1.el8_8bpftool-4.18.0-477.55.1.el8_8.s390x.rpm
RedHat8aarch64kernel-debug-devel< 4.18.0-477.55.1.el8_8kernel-debug-devel-4.18.0-477.55.1.el8_8.aarch64.rpm
Rows per page:
1-10 of 1061

Related

nessus 56
ubuntucve 5
cvelist 5
cve 5
debiancve 5
prion 5
redhatcve 5
redhat 15
cbl_mariner 1
osv 25
zdi 1
veracode 1
oraclelinux 9
openvas 28
ubuntu 22
cnvd 1
fedora 3
almalinux 1
rocky 3
amazon 2
photon 1
nessus
nessus
RHEL 8 : kernel (RHSA-2024:2621)
2024-04-30 00:00:00
RHEL 9 : kpatch-patch (RHSA-2024:1055)
2024-02-29 00:00:00
RHEL 8 : kpatch-patch (RHSA-2024:1612)
2024-04-02 00:00:00
ubuntucve
ubuntucve
CVE-2024-25744
2024-02-12 00:00:00
CVE-2021-33631
2024-01-18 00:00:00
CVE-2022-42895
2022-11-23 00:00:00
cvelist
cvelist
CVE-2024-25744
2024-02-12 00:00:00
Kernel crash in EXT4 filesystem
2024-01-18 15:05:58
Kernel: gsm multiplexing race condition leads to privilege escalation
2023-12-21 20:01:03
cve
cve
CVE-2024-25744
2024-02-12 05:15:07
CVE-2021-33631
2024-01-18 15:15:00
CVE-2023-6546
2023-12-21 20:15:08
debiancve
debiancve
CVE-2024-25744
2024-02-12 05:15:07
CVE-2021-33631
2024-01-18 15:15:08
CVE-2022-42895
2022-11-23 15:15:00
prion
prion
Code injection
2024-02-12 05:15:00
Integer overflow
2024-01-18 15:15:00
Design/Logic Flaw
2022-11-23 15:15:00
redhatcve
redhatcve
CVE-2024-25744
2024-02-14 21:32:42
CVE-2021-33631
2024-01-30 17:52:24
CVE-2022-42895
2022-11-23 19:26:02
redhat
redhat
(RHSA-2024:0937) Important: kpatch-patch security update
2024-02-22 02:57:41
(RHSA-2024:1612) Important: kpatch-patch security update
2024-04-02 15:31:44
(RHSA-2024:1055) Important: kpatch-patch security update
2024-02-29 15:39:00
cbl_mariner
cbl_mariner
CVE-2023-6546 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
osv
osv
CVE-2023-6546
2023-12-21 20:15:08
Important: kernel security, bug fix, and enhancement update
2024-04-05 14:55:53
Important: kernel security, bug fix, and enhancement update
2024-04-02 00:00:00
zdi
zdi
Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability
2024-01-09 00:00:00
veracode
veracode
Information Disclosure
2023-02-10 20:04:27
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2023-02-14 00:00:00
Unbreakable Enterprise kernel security update
2023-02-13 00:00:00
kernel security, bug fix, and enhancement update
2024-04-10 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5850-1)
2023-02-10 00:00:00
Ubuntu: Security Advisory (USN-5878-1)
2023-02-17 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-64ab9153c0)
2022-11-15 00:00:00
ubuntu
ubuntu
Linux kernel (Azure) vulnerabilities
2023-02-16 00:00:00
Linux kernel vulnerabilities
2023-02-09 00:00:00
Linux kernel vulnerabilities
2023-02-09 00:00:00
cnvd
cnvd
Linux kernel resource management error vulnerability (CNVD-2022-72086)
2022-10-25 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: kernel-6.0.8-300.fc37
2022-11-15 01:17:47
[SECURITY] Fedora 36 Update: kernel-6.0.8-200.fc36
2022-11-15 01:24:33
[SECURITY] Fedora 35 Update: kernel-6.0.8-100.fc35
2022-11-15 01:28:15
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2024-04-02 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2024-04-05 14:56:14
kernel security, bug fix, and enhancement update
2024-04-05 14:55:53
kernel security, bug fix, and enhancement update
2024-05-06 13:07:04
amazon
amazon
Important: kernel
2024-02-01 19:57:00
Important: kernel
2022-12-01 20:31:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0299
2022-12-15 00:00:00

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

49.8%

JSON
Related for RHSA-2024:2621
nessus56ubuntucve5cvelist5cve5debiancve5prion5redhatcve5redhat15cbl_mariner1osv25zdi1veracode1oraclelinux9openvas28ubuntu22cnvd1fedora3almalinux1rocky3amazon2photon1