CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: Local information disclosure on IntelĀ® AtomĀ® processors (CVE-2023-28746)
kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)
kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)
kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)
kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)
kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)
kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)
kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)
kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | kernel-rt | * | cpe:2.3:o:redhat:kernel-rt:*:*:*:*:*:*:*:* |
redhat | kernel | * | cpe:2.3:a:redhat:kernel:*:*:*:*:*:*:*:* |
redhat | microcode_ctl | * | cpe:2.3:a:redhat:microcode_ctl:*:*:*:*:*:*:*:* |
redhat | enterprise_linux | nfv | cpe:2.3:o:redhat:enterprise_linux:nfv:*:*:*:*:*:*:* |
redhat | enterprise_linux | 8 | cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:* |
redhat | enterprise_linux | 9 | cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:* |