Lucene search

K
redhatRedHatRHSA-2024:2845
HistoryMay 15, 2024 - 12:13 a.m.

(RHSA-2024:2845) Moderate: kernel security and bug fix update

2024-05-1500:13:23
access.redhat.com
18
rhsa-2024
cve-2024-25744
cve-2023-52628
jira:rhel-30266
jira:rhel-31090
linux operating system

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

16.0%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)

  • kernel: netfilter: nftables: exthdr: fix 4-byte stack OOB write (CVE-2023-52628)

Bug Fix(es):

  • kernel: untrusted VMM can trigger int80 syscall handling (JIRA:RHEL-30266)

  • kernel: netfilter: nftables: exthdr: fix 4-byte stack OOB write (JIRA:RHEL-31090)

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

16.0%