Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:3421
HistoryMay 28, 2024 - 1:04 p.m.

(RHSA-2024:3421) Important: kernel security and bug fix update

2024-05-2813:04:19
access.redhat.com
21
kernel
security
vulnerability
bug fix
linux
cve-2023-6240
cve-2024-1086
cve-2024-26586
cve-2024-25743
cve-2023-52628
cve-2023-4244
cve-2023-6817
jira:rhel-32889

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

Low

EPSS

0.003

Percentile

69.6%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)

  • kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)

  • kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)

  • CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743)

  • kernel: netfilter: nftables: exthdr: fix 4-byte stack OOB write (CVE-2023-52628)

  • kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction (CVE-2023-4244)

  • kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)

Bug Fix(es):

  • kdump 2nd kernel panic in call trace tick_handle_periodic (JIRA:RHEL-32889)
OSVersionArchitecturePackageVersionFilename
RedHat9s390xpython3-perf< 5.14.0-70.101.1.el9_0python3-perf-5.14.0-70.101.1.el9_0.s390x.rpm
RedHat9x86_64kernel-debuginfo< 5.14.0-70.101.1.el9_0kernel-debuginfo-5.14.0-70.101.1.el9_0.x86_64.rpm
RedHat9ppc64lekernel-core< 5.14.0-70.101.1.el9_0kernel-core-5.14.0-70.101.1.el9_0.ppc64le.rpm
RedHat9x86_64kernel-tools-debuginfo< 5.14.0-70.101.1.el9_0kernel-tools-debuginfo-5.14.0-70.101.1.el9_0.x86_64.rpm
RedHat9x86_64kernel-devel-matched< 5.14.0-70.101.1.el9_0kernel-devel-matched-5.14.0-70.101.1.el9_0.x86_64.rpm
RedHat9aarch64kernel-modules< 5.14.0-70.101.1.el9_0kernel-modules-5.14.0-70.101.1.el9_0.aarch64.rpm
RedHat9s390xkernel-zfcpdump-modules< 5.14.0-70.101.1.el9_0kernel-zfcpdump-modules-5.14.0-70.101.1.el9_0.s390x.rpm
RedHat9s390xkernel-debug-modules< 5.14.0-70.101.1.el9_0kernel-debug-modules-5.14.0-70.101.1.el9_0.s390x.rpm
RedHat9s390xkernel-tools-debuginfo< 5.14.0-70.101.1.el9_0kernel-tools-debuginfo-5.14.0-70.101.1.el9_0.s390x.rpm
RedHat9ppc64lekernel-cross-headers< 5.14.0-70.101.1.el9_0kernel-cross-headers-5.14.0-70.101.1.el9_0.ppc64le.rpm
Rows per page:
1-10 of 1151

Related

nessus 67
redhat 22
oraclelinux 10
osv 8
rocky 1
amd 1
ubuntucve 11
cvelist 8
redhatcve 8
nvd 8
cve 8
debiancve 8
zdi 3
amazon 4
vulnrichment 5
prion 5
cnvd 3
cbl_mariner 4
f5 1
githubexploit 5
attackerkb 1
cisa_kev 1
virtuozzo 1
ibm 2
ubuntu 1
qualysblog 1
thn 2
nessus
nessus
RHEL 9 : kernel (RHSA-2024:3421)
2024-05-28 00:00:00
RHEL 9 : kernel-rt (RHSA-2024:3414)
2024-05-28 00:00:00
RHEL 9 : kernel (RHSA-2024:2758)
2024-05-08 00:00:00
redhat
redhat
(RHSA-2024:3414) Important: kernel-rt security and bug fix update
2024-05-28 13:04:14
(RHSA-2024:2758) Moderate: kernel security and bug fix update
2024-05-08 00:02:33
(RHSA-2024:2628) Moderate: kernel-rt security and bug fix update
2024-05-01 00:08:21
oraclelinux
oraclelinux
kernel security and bug fix update
2024-05-08 00:00:00
Unbreakable Enterprise kernel security update
2024-04-01 00:00:00
Unbreakable Enterprise kernel security update
2024-05-13 00:00:00
osv
osv
Moderate: kernel security and bug fix update
2024-05-10 14:32:32
CVE-2024-25742
2024-05-17 22:15:07
CVE-2024-25743
2024-05-15 18:15:00
rocky
rocky
kernel security and bug fix update
2024-05-10 14:32:32
amd
amd
Disrupting AMD SEV-SNP on Linux® With Interrupts
2024-04-05 00:00:00
ubuntucve
ubuntucve
CVE-2024-25743
2024-05-15 00:00:00
CVE-2023-52628
2024-03-28 00:00:00
CVE-2024-26586
2024-02-22 00:00:00
cvelist
cvelist
CVE-2023-52628 netfilter: nftables: exthdr: fix 4-byte stack OOB write
2024-03-28 07:33:46
CVE-2023-6240 Kernel: marvin vulnerability side-channel leakage in the rsa decryption operation
2024-02-04 14:11:17
CVE-2024-25743
1976-01-01 00:00:00
redhatcve
redhatcve
CVE-2023-6240
2024-02-04 14:10:58
CVE-2023-52628
2024-03-28 11:55:31
CVE-2024-26586
2024-02-23 14:02:36
nvd
nvd
CVE-2023-6240
2024-02-04 14:15:47
CVE-2024-26586
2024-02-22 17:15:08
CVE-2023-52628
2024-03-28 08:15:25
cve
cve
CVE-2023-6240
2024-02-04 14:15:47
CVE-2023-52628
2024-03-28 08:15:25
CVE-2024-26586
2024-02-22 17:15:08
debiancve
debiancve
CVE-2023-6240
2024-02-04 14:15:47
CVE-2024-26586
2024-02-22 17:15:08
CVE-2024-25743
2024-05-15 18:15:10
zdi
zdi
Linux Kernel nft_exthdr_sctp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability
2024-03-28 00:00:00
Linux Kernel nft_exthdr_tcp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability
2024-03-28 00:00:00
Linux Kernel nft_exthdr_ipv6_eval Stack-based Buffer Overflow Information Disclosure Vulnerability
2024-03-28 00:00:00
amazon
amazon
Important: kernel
2024-05-09 17:43:00
Important: kernel
2024-05-09 19:16:00
Important: kernel
2024-02-15 03:52:00
vulnrichment
vulnrichment
CVE-2023-52628 netfilter: nftables: exthdr: fix 4-byte stack OOB write
2024-03-28 07:33:46
CVE-2024-26586 mlxsw: spectrum_acl_tcam: Fix stack corruption
2024-02-22 16:13:31
CVE-2024-25743
1976-01-01 00:00:00
prion
prion
Design/Logic Flaw
2024-02-22 17:15:00
Code injection
2024-02-04 14:15:00
Design/Logic Flaw
2023-12-18 15:15:00
cnvd
cnvd
Linux kernel memory misreference vulnerability (CNVD-2023-9933644)
2023-12-20 00:00:00
Linux kernel resource management error vulnerability (CNVD-2024-14762)
2024-02-02 00:00:00
Linux kernel elevation of privilege vulnerability (CNVD-2023-70083)
2023-09-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-6817 affecting package kernel for versions less than 5.15.145.2-1
2024-01-19 03:54:24
CVE-2024-1086 affecting package kernel for versions less than 6.6.22.1-2
2024-04-02 21:08:16
CVE-2024-1086 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
f5
f5
K000139430 : Linux kernel vulnerability CVE-2024-1086
2024-04-30 00:00:00
githubexploit
githubexploit
Exploit for Use After Free in Linux Linux Kernel
2024-04-30 16:10:37
Exploit for Use After Free in Linux Linux Kernel
2024-08-15 01:16:38
Exploit for Use After Free in Linux Linux Kernel
2024-07-04 10:51:35
attackerkb
attackerkb
CVE-2024-1086
2024-01-31 00:00:00
cisa_kev
cisa_kev
Linux Kernel Use-After-Free Vulnerability
2024-05-30 00:00:00
virtuozzo
virtuozzo
[Important] [Security] Virtuozzo ReadyKernel Patch 167.0 for Virtuozzo Hybrid Server 7.5
2024-02-06 00:00:00
ibm
ibm
Security Bulletin: Multiple Linux Kernel vulnerabilities affect IBM Storage Scale System.
2024-06-21 12:54:56
Security Bulletin: IBM Security Guardium is affected by a Kernel vulnerability (CVE-2024-1086, CVE-2024-26602)
2024-07-29 14:28:32
ubuntu
ubuntu
Kernel Live Patch Security Notice
2024-04-30 00:00:00
qualysblog
qualysblog
Qualys Announces TruRisk Eliminate to Augment Patching
2024-07-30 12:50:10
thn
thn
New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
2024-03-29 10:49:00
CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
2024-05-30 17:45:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

Low

EPSS

0.003

Percentile

69.6%

JSON
Related for RHSA-2024:3421
nessus67redhat22oraclelinux10osv8rocky1amd1ubuntucve11cvelist8redhatcve8nvd8cve8debiancve8zdi3amazon4vulnrichment5prion5cnvd3cbl_mariner4f51githubexploit5attackerkb1cisa_kev1virtuozzo1ibm2ubuntu1qualysblog1thn2