Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in kernel-rt
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in kernel-rt
ID: RHSA-2024:2950
Distribution: Red Hat
Plattformen: Red Hat Enterprise Linux RT (v. 8), Red Hat Enterprise Linux NFV (v. 8)
Datum: Do, 23. Mai 2024, 07:21
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=2151959
https://bugzilla.redhat.com/show_bug.cgi?id=2179892
https://bugzilla.redhat.com/show_bug.cgi?id=2239845
https://bugzilla.redhat.com/show_bug.cgi?id=2226777
https://access.redhat.com/security/cve/CVE-2023-52489
https://access.redhat.com/security/cve/CVE-2023-6932
https://access.redhat.com/security/cve/CVE-2022-23222
https://access.redhat.com/security/cve/CVE-2023-39198
https://access.redhat.com/security/cve/CVE-2022-45934
https://bugzilla.redhat.com/show_bug.cgi?id=2256822
https://bugzilla.redhat.com/show_bug.cgi?id=2230042
https://access.redhat.com/security/cve/CVE-2023-25775
https://bugzilla.redhat.com/show_bug.cgi?id=2265653
https://bugzilla.redhat.com/show_bug.cgi?id=2272811
https://bugzilla.redhat.com/show_bug.cgi?id=2177759
https://bugzilla.redhat.com/show_bug.cgi?id=2265285
https://bugzilla.redhat.com/show_bug.cgi?id=2043520
https://bugzilla.redhat.com/show_bug.cgi?id=2270883
https://access.redhat.com/security/cve/CVE-2023-1513
https://bugzilla.redhat.com/show_bug.cgi?id=2235306
https://access.redhat.com/security/cve/CVE-2021-4204
https://access.redhat.com/security/cve/CVE-2023-6121
https://bugzilla.redhat.com/show_bug.cgi?id=2226784
https://access.redhat.com/security/cve/CVE-2023-52581
https://access.redhat.com/security/cve/CVE-2023-28464
https://access.redhat.com/security/cve/CVE-2024-0841
https://access.redhat.com/security/cve/CVE-2023-52448
https://bugzilla.redhat.com/show_bug.cgi?id=2219359
https://access.redhat.com/security/cve/CVE-2023-4133
https://bugzilla.redhat.com/show_bug.cgi?id=2239847
https://bugzilla.redhat.com/show_bug.cgi?id=2039178
https://access.redhat.com/security/cve/CVE-2024-26671
https://bugzilla.redhat.com/show_bug.cgi?id=2256490
https://access.redhat.com/security/cve/CVE-2023-51779
https://access.redhat.com/security/cve/CVE-2023-24023
https://access.redhat.com/security/cve/CVE-2023-42755
https://access.redhat.com/security/cve/CVE-2024-26602
https://access.redhat.com/errata/RHSA-2024:2950
https://bugzilla.redhat.com/show_bug.cgi?id=2226788
https://bugzilla.redhat.com/show_bug.cgi?id=2250043
https://bugzilla.redhat.com/show_bug.cgi?id=2269217
https://access.redhat.com/security/cve/CVE-2023-37453
https://access.redhat.com/security/cve/CVE-2021-3753
https://access.redhat.com/security/cve/CVE-2023-39189
https://access.redhat.com/security/cve/CVE-2023-39194
https://access.redhat.com/security/cve/CVE-2023-52580
https://bugzilla.redhat.com/show_bug.cgi?id=2226787
https://access.redhat.com/security/cve/CVE-2023-4244
https://bugzilla.redhat.com/show_bug.cgi?id=2221039
https://bugzilla.redhat.com/show_bug.cgi?id=2221702
https://bugzilla.redhat.com/show_bug.cgi?id=2257682
https://access.redhat.com/security/cve/CVE-2024-25742
https://access.redhat.com/security/cve/CVE-2023-6622
https://bugzilla.redhat.com/show_bug.cgi?id=1731000
https://access.redhat.com/security/cve/CVE-2023-31083
https://bugzilla.redhat.com/show_bug.cgi?id=2213132
https://access.redhat.com/security/cve/CVE-2022-0500
https://bugzilla.redhat.com/show_bug.cgi?id=2267695
https://access.redhat.com/security/cve/CVE-2023-52434
https://access.redhat.com/security/cve/CVE-2022-3565
https://access.redhat.com/security/cve/CVE-2019-13631
https://bugzilla.redhat.com/show_bug.cgi?id=1746732
https://bugzilla.redhat.com/show_bug.cgi?id=2150953
https://access.redhat.com/security/cve/CVE-2020-25656
https://access.redhat.com/security/cve/CVE-2023-52620
https://bugzilla.redhat.com/show_bug.cgi?id=2253632
https://bugzilla.redhat.com/show_bug.cgi?id=2257979
https://access.redhat.com/security/cve/CVE-2023-6176
https://bugzilla.redhat.com/show_bug.cgi?id=2244720
https://bugzilla.redhat.com/show_bug.cgi?id=2044578
https://bugzilla.redhat.com/show_bug.cgi?id=2254982
https://bugzilla.redhat.com/show_bug.cgi?id=2267761
https://bugzilla.redhat.com/show_bug.cgi?id=2254961
https://access.redhat.com/security/cve/CVE-2023-39193
https://access.redhat.com/security/cve/CVE-2023-3567
https://access.redhat.com/security/cve/CVE-2023-6915
https://access.redhat.com/security/cve/CVE-2023-42754
https://access.redhat.com/security/cve/CVE-2024-25743
https://bugzilla.redhat.com/show_bug.cgi?id=1888726
https://access.redhat.com/security/cve/CVE-2023-52340
https://access.redhat.com/security/cve/CVE-2023-52574
https://bugzilla.redhat.com/show_bug.cgi?id=2267750
https://bugzilla.redhat.com/show_bug.cgi?id=2269189
https://bugzilla.redhat.com/show_bug.cgi?id=2231410
https://bugzilla.redhat.com/show_bug.cgi?id=2255283
https://access.redhat.com/security/cve/CVE-2023-39192
https://access.redhat.com/security/cve/CVE-2023-38409
https://bugzilla.redhat.com/show_bug.cgi?id=1999589
https://access.redhat.com/security/cve/CVE-2023-51780
https://access.redhat.com/security/cve/CVE-2024-26609
https://access.redhat.com/security/cve/CVE-2019-15505
https://access.redhat.com/security/cve/CVE-2023-45863
https://bugzilla.redhat.com/show_bug.cgi?id=2218332
https://bugzilla.redhat.com/show_bug.cgi?id=2267760
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.10_release_notes/index
https://bugzilla.redhat.com/show_bug.cgi?id=2221463
https://bugzilla.redhat.com/show_bug.cgi?id=2270836
Applikationen: RT-Preempt-Realtime-Patch

Originalnachricht

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise
Linux 8.10 Release Notes linked from the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2019-13631: Out-of-bounds Read (CWE-125)
CVE-2019-15505: Out-of-bounds Read (CWE-125)
CVE-2020-25656: Use After Free (CWE-416)
CVE-2021-3753: Out-of-bounds Read (CWE-125)
CVE-2021-4204: Improper Restriction of Operations within the Bounds of a Memory
Buffer (CWE-119)
CVE-2022-0500: Out-of-bounds Write (CWE-787)
CVE-2022-3565: Use After Free (CWE-416)
CVE-2022-23222: Release of Invalid Pointer or Reference (CWE-763)
CVE-2022-45934: Integer Overflow or Wraparound (CWE-190)
CVE-2023-1513: Improper Initialization (CWE-665)
CVE-2023-3567: Use After Free (CWE-416)
CVE-2023-4133: Use After Free (CWE-416)
CVE-2023-4244: Use After Free (CWE-416)
CVE-2023-6121: Out-of-bounds Read (CWE-125)
CVE-2023-6176
CVE-2023-6622: NULL Pointer Dereference (CWE-476)
CVE-2023-6915: NULL Pointer Dereference (CWE-476)
CVE-2023-6932: Use After Free (CWE-416)
CVE-2023-24023: Channel Accessible by Non-Endpoint (CWE-300)
CVE-2023-25775: Improper Access Control (CWE-284)
CVE-2023-28464: Double Free (CWE-415)
CVE-2023-31083
CVE-2023-37453: Out-of-bounds Read (CWE-125)
CVE-2023-38409: Improper Validation of Array Index (CWE-129)
CVE-2023-39189: Out-of-bounds Read (CWE-125)
CVE-2023-39192: Out-of-bounds Read (CWE-125)
CVE-2023-39193: Out-of-bounds Read (CWE-125)
CVE-2023-39194: Out-of-bounds Read (CWE-125)
CVE-2023-39198: Use After Free (CWE-416)
CVE-2023-42754: NULL Pointer Dereference (CWE-476)
CVE-2023-42755: Out-of-bounds Read (CWE-125)
CVE-2023-45863
CVE-2023-51779: Use After Free (CWE-416)
CVE-2023-51780: Use After Free (CWE-416)
CVE-2023-52340: Uncontrolled Resource Consumption (CWE-400)
CVE-2023-52434
CVE-2023-52448
CVE-2023-52489: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
CVE-2023-52574: NULL Pointer Dereference (CWE-476)
CVE-2023-52580: Incorrect Calculation of Buffer Size (CWE-131)
CVE-2023-52581: Missing Release of Memory after Effective Lifetime (CWE-401)
CVE-2023-52620: Improper Control of Resource Identifiers ('Resource
Injection') (CWE-99)
CVE-2024-0841
CVE-2024-25742
CVE-2024-25743
CVE-2024-26602
CVE-2024-26609: Use After Free (CWE-416)
CVE-2024-26671: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung