Lucene search

K
redhatRedHatRHSA-2024:3462
HistoryMay 29, 2024 - 7:38 a.m.

(RHSA-2024:3462) Moderate: kernel security and bug fix update

2024-05-2907:38:48
access.redhat.com
14
linux kernel spectre-bhb mitigation ampereone
use after free fix
data races in br_handle_frame_finish
xfs thaw operation fix
rhel-34522 jira

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

7.4

Confidence

High

EPSS

0

Percentile

13.0%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • RHEL: Add Spectre-BHB mitigation for AmpereOne (CVE-2023-3006)

  • kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (CVE-2021-47013)

  • kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)

Bug Fix(es):

  • XFS: thaw operation hungs if caches are dropped while FS is frozen (JIRA:RHEL-34522)

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

7.4

Confidence

High

EPSS

0

Percentile

13.0%