(RHSA-2024:5266) Important: kernel security update

2024-08-1307:17:14

access.redhat.com

kernel packages

netfilter

nf_tables

uaf

ionic

nfsd

cve

cvss score

bug fixes

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)
kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)
kernel: NFSD: Fix the behavior of READ near OFFSET_MAX (CVE-2022-48827)
kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)
kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (CVE-2022-48829)

Bug Fix(es):

fix race between MADV_FREE reclaim and blkdev direct IO read (JIRA:RHEL-44845)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8ppc64lekernel-headers< 4.18.0-305.138.1.el8_4kernel-headers-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat8ppc64lepython3-perf-debuginfo< 4.18.0-305.138.1.el8_4python3-perf-debuginfo-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat8x86_64kernel-tools< 4.18.0-305.138.1.el8_4kernel-tools-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat8noarchkernel-abi-stablelists< 4.18.0-305.138.1.el8_4kernel-abi-stablelists-4.18.0-305.138.1.el8_4.noarch.rpm
RedHat8x86_64python3-perf< 4.18.0-305.138.1.el8_4python3-perf-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat8x86_64kernel-core< 4.18.0-305.138.1.el8_4kernel-core-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat8ppc64lebpftool< 4.18.0-305.138.1.el8_4bpftool-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat8x86_64kernel-debuginfo-common-x86_64< 4.18.0-305.138.1.el8_4kernel-debuginfo-common-x86_64-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat8ppc64lekernel< 4.18.0-305.138.1.el8_4kernel-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat8ppc64lekernel-debug-debuginfo< 4.18.0-305.138.1.el8_4kernel-debug-debuginfo-4.18.0-305.138.1.el8_4.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	ppc64le	kernel-headers	< 4.18.0-305.138.1.el8_4	kernel-headers-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat	8	ppc64le	python3-perf-debuginfo	< 4.18.0-305.138.1.el8_4	python3-perf-debuginfo-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat	8	x86_64	kernel-tools	< 4.18.0-305.138.1.el8_4	kernel-tools-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat	8	noarch	kernel-abi-stablelists	< 4.18.0-305.138.1.el8_4	kernel-abi-stablelists-4.18.0-305.138.1.el8_4.noarch.rpm
RedHat	8	x86_64	python3-perf	< 4.18.0-305.138.1.el8_4	python3-perf-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat	8	x86_64	kernel-core	< 4.18.0-305.138.1.el8_4	kernel-core-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat	8	ppc64le	bpftool	< 4.18.0-305.138.1.el8_4	bpftool-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat	8	x86_64	kernel-debuginfo-common-x86_64	< 4.18.0-305.138.1.el8_4	kernel-debuginfo-common-x86_64-4.18.0-305.138.1.el8_4.x86_64.rpm
RedHat	8	ppc64le	kernel	< 4.18.0-305.138.1.el8_4	kernel-4.18.0-305.138.1.el8_4.ppc64le.rpm
RedHat	8	ppc64le	kernel-debug-debuginfo	< 4.18.0-305.138.1.el8_4	kernel-debug-debuginfo-4.18.0-305.138.1.el8_4.ppc64le.rpm