Lucene search

K
rockyRockylinux Product ErrataRLSA-2024:2758
HistoryMay 10, 2024 - 2:32 p.m.

kernel security and bug fix update

2024-05-1014:32:32
Rockylinux Product Errata
errata.rockylinux.org
29
security
bug fix
kernel
cve
cvss
rocky linux
vulnerability
amd
rsa
jira
ptp
fips
s3
nmi
page cache
linux operating system

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

46.6%

An update is available for kernel.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)

  • CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743)

Bug Fix(es):

  • ffdhe* algortihms introduced in 0a2e5b909023 as .fips_allowed=1 lack pairwise consistency tests (JIRA:Rocky Linux-27009)

  • mm/mglru: fix underprotected page cache (JIRA:Rocky Linux-29235)

  • [EMR] [TBOOT OS] SUT could not go to S3 state with Rocky Linux 9.2 Tboot OS One CPU return -16 running BUSY (JIRA:Rocky Linux-29673)

  • system hangs completely - NMI not possible (JIRA:Rocky Linux-30678)

  • ice 0000:6f:00.0: PTP failed to get time (JIRA:Rocky Linux-30110)

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

46.6%