Lucene search

RedHatRHSA-2024:3855

HistoryJun 12, 2024 - 1:38 a.m.

(RHSA-2024:3855) Moderate: kernel security update

2024-06-1201:38:12

access.redhat.com

rhsa-2024-3855

kernel packages

linux kernel

security fix

kvm

svm

bluetooth

race condition

use-after-free

cve-2023-5090

cve-2023-51779

cve-2024-26598

cve-2023-52639

cve-2023-52667

cvss score

references

impact

acknowledgments

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

26.4%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs (CVE-2023-5090)
kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg (CVE-2023-51779)
kernel: kvm: Avoid potential UAF in LPI translation cache (CVE-2024-26598)
kernel: KVM: s390: vsie: fix race during shadow creation (CVE-2023-52639)
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9aarch64kernel-debug-modules-core< 5.14.0-284.69.1.el9_2kernel-debug-modules-core-5.14.0-284.69.1.el9_2.aarch64.rpm
RedHat9x86_64perf< 5.14.0-284.69.1.el9_2perf-5.14.0-284.69.1.el9_2.x86_64.rpm
RedHat9ppc64lekernel-debug-modules-core< 5.14.0-284.69.1.el9_2kernel-debug-modules-core-5.14.0-284.69.1.el9_2.ppc64le.rpm
RedHat9ppc64lekernel-tools-libs< 5.14.0-284.69.1.el9_2kernel-tools-libs-5.14.0-284.69.1.el9_2.ppc64le.rpm
RedHat9s390xkernel-zfcpdump-debuginfo< 5.14.0-284.69.1.el9_2kernel-zfcpdump-debuginfo-5.14.0-284.69.1.el9_2.s390x.rpm
RedHat9s390xkernel-modules-extra< 5.14.0-284.69.1.el9_2kernel-modules-extra-5.14.0-284.69.1.el9_2.s390x.rpm
RedHat9x86_64kernel-debug-uki-virt< 5.14.0-284.69.1.el9_2kernel-debug-uki-virt-5.14.0-284.69.1.el9_2.x86_64.rpm
RedHat9ppc64lekernel-cross-headers< 5.14.0-284.69.1.el9_2kernel-cross-headers-5.14.0-284.69.1.el9_2.ppc64le.rpm
RedHat9ppc64lebpftool< 7.0.0-284.69.1.el9_2bpftool-7.0.0-284.69.1.el9_2.ppc64le.rpm
RedHat9ppc64lekernel-modules-core< 5.14.0-284.69.1.el9_2kernel-modules-core-5.14.0-284.69.1.el9_2.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	aarch64	kernel-debug-modules-core	< 5.14.0-284.69.1.el9_2	kernel-debug-modules-core-5.14.0-284.69.1.el9_2.aarch64.rpm
RedHat	9	x86_64	perf	< 5.14.0-284.69.1.el9_2	perf-5.14.0-284.69.1.el9_2.x86_64.rpm
RedHat	9	ppc64le	kernel-debug-modules-core	< 5.14.0-284.69.1.el9_2	kernel-debug-modules-core-5.14.0-284.69.1.el9_2.ppc64le.rpm
RedHat	9	ppc64le	kernel-tools-libs	< 5.14.0-284.69.1.el9_2	kernel-tools-libs-5.14.0-284.69.1.el9_2.ppc64le.rpm
RedHat	9	s390x	kernel-zfcpdump-debuginfo	< 5.14.0-284.69.1.el9_2	kernel-zfcpdump-debuginfo-5.14.0-284.69.1.el9_2.s390x.rpm
RedHat	9	s390x	kernel-modules-extra	< 5.14.0-284.69.1.el9_2	kernel-modules-extra-5.14.0-284.69.1.el9_2.s390x.rpm
RedHat	9	x86_64	kernel-debug-uki-virt	< 5.14.0-284.69.1.el9_2	kernel-debug-uki-virt-5.14.0-284.69.1.el9_2.x86_64.rpm
RedHat	9	ppc64le	kernel-cross-headers	< 5.14.0-284.69.1.el9_2	kernel-cross-headers-5.14.0-284.69.1.el9_2.ppc64le.rpm
RedHat	9	ppc64le	bpftool	< 7.0.0-284.69.1.el9_2	bpftool-7.0.0-284.69.1.el9_2.ppc64le.rpm
RedHat	9	ppc64le	kernel-modules-core	< 5.14.0-284.69.1.el9_2	kernel-modules-core-5.14.0-284.69.1.el9_2.ppc64le.rpm