Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:4415
HistoryJul 09, 2024 - 8:53 a.m.

(RHSA-2024:4415) Important: kernel security and bug fix update

2024-07-0908:53:07
access.redhat.com
10
kernel packages
linux kernel
netfilter
privilege escalation
smb client
oobs
kvm
uaf
lpi translation cache
nft_ct
jira
rhel-15150
rhel-30259
rhel-30560
cve-2024-0193
cve-2023-52434
cve-2024-26598
cve-2024-26673

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation (CVE-2024-0193)

  • kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)

  • kernel: kvm: Avoid potential UAF in LPI translation cache (CVE-2024-26598)

  • kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (CVE-2024-26673)

Bug Fix(es):

  • multi-page bvec configuration for integrity payload (JIRA:RHEL-15150)

  • ipoib mcast lockup fix (JIRA:RHEL-30259)

  • Kernel panic in skb_segment (JIRA:RHEL-30560)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9ppc64lekernel-core< 5.14.0-70.105.1.el9_0kernel-core-5.14.0-70.105.1.el9_0.ppc64le.rpm
RedHat9x86_64kernel-debug-devel< 5.14.0-70.105.1.el9_0kernel-debug-devel-5.14.0-70.105.1.el9_0.x86_64.rpm
RedHat9x86_64kernel-debuginfo-common-x86_64< 5.14.0-70.105.1.el9_0kernel-debuginfo-common-x86_64-5.14.0-70.105.1.el9_0.x86_64.rpm
RedHat9s390xkernel-zfcpdump-modules-extra< 5.14.0-70.105.1.el9_0kernel-zfcpdump-modules-extra-5.14.0-70.105.1.el9_0.s390x.rpm
RedHat9x86_64kernel-debuginfo< 5.14.0-70.105.1.el9_0kernel-debuginfo-5.14.0-70.105.1.el9_0.x86_64.rpm
RedHat9x86_64kernel-debug-core< 5.14.0-70.105.1.el9_0kernel-debug-core-5.14.0-70.105.1.el9_0.x86_64.rpm
RedHat9ppc64lekernel-devel-matched< 5.14.0-70.105.1.el9_0kernel-devel-matched-5.14.0-70.105.1.el9_0.ppc64le.rpm
RedHat9x86_64kernel-debug-devel-matched< 5.14.0-70.105.1.el9_0kernel-debug-devel-matched-5.14.0-70.105.1.el9_0.x86_64.rpm
RedHat9x86_64kernel-debug< 5.14.0-70.105.1.el9_0kernel-debug-5.14.0-70.105.1.el9_0.x86_64.rpm
RedHat9aarch64kernel-tools< 5.14.0-70.105.1.el9_0kernel-tools-5.14.0-70.105.1.el9_0.aarch64.rpm
Rows per page:
1-10 of 1081

Related

nessus 64
redhat 18
ubuntucve 6
debiancve 5
nvd 6
cvelist 5
cve 6
redhatcve 5
vulnrichment 5
osv 19
prion 4
cbl_mariner 1
oraclelinux 2
photon 2
ubuntu 18
openvas 30
rocky 1
redos 2
nessus
nessus
RHEL 9 : kernel (RHSA-2024:4415)
2024-07-09 00:00:00
RHEL 9 : kernel-rt (RHSA-2024:4412)
2024-07-09 00:00:00
Photon OS 4.0: Linux PHSA-2024-4.0-0584
2024-07-24 00:00:00
redhat
redhat
(RHSA-2024:4412) Important: kernel-rt security and bug fix update
2024-07-09 08:53:06
(RHSA-2024:3306) Moderate: kernel security and bug fix update
2024-05-23 05:51:19
(RHSA-2024:3854) Moderate: kernel-rt security and bug fix update
2024-06-12 01:37:13
ubuntucve
ubuntucve
CVE-2024-35890
2024-05-19 00:00:00
CVE-2024-26598
2024-02-23 00:00:00
CVE-2024-26673
2024-04-02 00:00:00
debiancve
debiancve
CVE-2024-26598
2024-02-23 15:15:09
CVE-2024-26673
2024-04-02 07:15:43
CVE-2024-35890
2024-05-19 09:15:10
nvd
nvd
CVE-2024-26598
2024-02-23 15:15:09
CVE-2024-26673
2024-04-02 07:15:43
CVE-2024-35890
2024-05-19 09:15:10
cvelist
cvelist
CVE-2024-26673 netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations
2024-04-02 06:51:05
CVE-2024-35890 gro: fix ownership transfer
2024-05-19 08:34:46
CVE-2024-26598 KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache
2024-02-23 14:46:26
cve
cve
CVE-2024-26673
2024-04-02 07:15:43
CVE-2024-26598
2024-02-23 15:15:09
CVE-2024-35890
2024-05-19 09:15:10
redhatcve
redhatcve
CVE-2024-26673
2024-04-03 00:03:04
CVE-2024-26598
2024-02-24 11:43:39
CVE-2024-35890
2024-05-20 12:14:49
vulnrichment
vulnrichment
CVE-2024-35890 gro: fix ownership transfer
2024-05-19 08:34:46
CVE-2024-26673 netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations
2024-04-02 06:51:05
CVE-2024-26598 KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache
2024-02-23 14:46:26
osv
osv
CVE-2024-35890
2024-05-19 09:15:00
linux-oem-6.1 vulnerabilities
2024-01-25 22:11:29
linux-nvidia-6.2 vulnerabilities
2024-02-14 08:01:31
prion
prion
Spoofing
2024-02-23 15:15:00
Spoofing
2024-02-20 18:15:00
Design/Logic Flaw
2024-01-02 18:15:00
cbl_mariner
cbl_mariner
CVE-2023-52434 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
oraclelinux
oraclelinux
kernel security and bug fix update
2024-05-23 00:00:00
kernel security update
2024-03-15 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0584
2024-03-27 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0198
2024-02-06 00:00:00
ubuntu
ubuntu
Linux kernel (NVIDIA) vulnerabilities
2024-02-14 00:00:00
Kernel Live Patch Security Notice
2024-03-12 00:00:00
Linux kernel (OEM) vulnerabilities
2024-01-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6606-1)
2024-01-26 00:00:00
Ubuntu: Security Advisory (USN-6608-1)
2024-01-26 00:00:00
Ubuntu: Security Advisory (USN-6608-2)
2024-02-15 00:00:00
rocky
rocky
kernel security update
2024-03-27 04:37:19
redos
redos
ROS-20240813-01
2024-08-13 00:00:00
ROS-20240813-03
2024-08-13 00:00:00

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

JSON
Related for RHSA-2024:4415
nessus64redhat18ubuntucve6debiancve5nvd6cvelist5cve6redhatcve5vulnrichment5osv19prion4cbl_mariner1oraclelinux2photon2ubuntu18openvas30rocky1redos2