Security: Multiple issues in kernel-rt
Name: Multiple issues in kernel-rt
ID: RHSA-2024:2008
Distribution: Red Hat
Platforms: Red Hat Enterprise Linux Real Time for NFV TUS (v. 8.2), Red Hat Enterprise Linux Real Time TUS (v. 8.2)
Date: Tue, 23 April 2024, 22:48
References:
https://access.redhat.com/security/cve/CVE-2023-3812
https://access.redhat.com/security/cve/CVE-2024-26602
https://access.redhat.com/security/cve/CVE-2023-1192
https://access.redhat.com/security/cve/CVE-2024-26586
https://access.redhat.com/errata/RHSA-2024:2008
https://bugzilla.redhat.com/show_bug.cgi?id=2266423
https://bugzilla.redhat.com/show_bug.cgi?id=2224048
https://bugzilla.redhat.com/show_bug.cgi?id=2256279
https://access.redhat.com/security/cve/CVE-2021-46915
https://bugzilla.redhat.com/show_bug.cgi?id=2154178
https://bugzilla.redhat.com/show_bug.cgi?id=2267695
https://bugzilla.redhat.com/show_bug.cgi?id=2219268
https://access.redhat.com/security/cve/CVE-2023-4459
https://bugzilla.redhat.com/show_bug.cgi?id=2265645
https://access.redhat.com/security/cve/CVE-2023-7192
Applications: RT-Preempt-Realtime-Patch
Original message
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)
* kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (CVE-2023-4459)
* kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)
* kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)
* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)
* kernel: netfilter: divide error in nft_limit_init (CVE-2021-46915)
* kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
* CVE-2021-46915: Divide By Zero (CWE-369)
* CVE-2023-1192: Use After Free (CWE-416)
* CVE-2023-3812: Out-of-bounds Write (CWE-787)
* CVE-2023-4459: NULL Pointer Dereference (CWE-476)
* CVE-2023-7192: Missing Release of Memory after Effective Lifetime (CWE-401)
* CVE-2024-26586
* CVE-2024-26602