Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in kernel-rt
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in kernel-rt
ID: RHSA-2024:3627
Distribution: Red Hat
Plattformen: Red Hat Enterprise Linux RT (v. 8), Red Hat Enterprise Linux NFV (v. 8)
Datum: Mi, 5. Juni 2024, 23:43
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=2267758
https://bugzilla.redhat.com/show_bug.cgi?id=2278169
https://access.redhat.com/security/cve/CVE-2024-26901
https://bugzilla.redhat.com/show_bug.cgi?id=2273262
https://access.redhat.com/security/cve/CVE-2024-26693
https://access.redhat.com/security/cve/CVE-2021-47055
https://access.redhat.com/security/cve/CVE-2024-26642
https://access.redhat.com/security/cve/CVE-2024-0340
https://access.redhat.com/security/cve/CVE-2023-52445
https://bugzilla.redhat.com/show_bug.cgi?id=2267185
https://bugzilla.redhat.com/show_bug.cgi?id=2273223
https://access.redhat.com/security/cve/CVE-2024-27052
https://bugzilla.redhat.com/show_bug.cgi?id=2278417
https://bugzilla.redhat.com/show_bug.cgi?id=2268317
https://bugzilla.redhat.com/show_bug.cgi?id=2257406
https://access.redhat.com/security/cve/CVE-2024-26933
https://bugzilla.redhat.com/show_bug.cgi?id=2263875
https://access.redhat.com/security/cve/CVE-2022-48627
https://access.redhat.com/security/cve/CVE-2024-26659
https://access.redhat.com/security/cve/CVE-2023-52513
https://bugzilla.redhat.com/show_bug.cgi?id=2278268
https://bugzilla.redhat.com/show_bug.cgi?id=2275645
https://bugzilla.redhat.com/show_bug.cgi?id=2265654
https://bugzilla.redhat.com/show_bug.cgi?id=2278237
https://access.redhat.com/security/cve/CVE-2024-26892
https://bugzilla.redhat.com/show_bug.cgi?id=2278431
https://access.redhat.com/security/cve/CVE-2021-47185
https://access.redhat.com/security/cve/CVE-2024-26610
https://access.redhat.com/security/cve/CVE-2024-26593
https://access.redhat.com/security/cve/CVE-2024-26694
https://bugzilla.redhat.com/show_bug.cgi?id=2278314
https://bugzilla.redhat.com/show_bug.cgi?id=2270080
https://access.redhat.com/security/cve/CVE-2024-27059
https://bugzilla.redhat.com/show_bug.cgi?id=2269856
https://access.redhat.com/security/cve/CVE-2021-47013
https://access.redhat.com/security/cve/CVE-2024-26872
https://bugzilla.redhat.com/show_bug.cgi?id=2273092
https://access.redhat.com/security/cve/CVE-2024-26603
https://access.redhat.com/security/cve/CVE-2023-52610
https://access.redhat.com/security/cve/CVE-2024-26934
https://bugzilla.redhat.com/show_bug.cgi?id=2274624
https://bugzilla.redhat.com/show_bug.cgi?id=2266446
https://access.redhat.com/security/cve/CVE-2021-47153
https://bugzilla.redhat.com/show_bug.cgi?id=2273094
https://bugzilla.redhat.com/show_bug.cgi?id=2266746
https://access.redhat.com/security/cve/CVE-2024-26779
https://bugzilla.redhat.com/show_bug.cgi?id=2267355
https://bugzilla.redhat.com/show_bug.cgi?id=2275777
https://bugzilla.redhat.com/show_bug.cgi?id=2271476
https://access.redhat.com/security/cve/CVE-2023-52520
https://bugzilla.redhat.com/show_bug.cgi?id=2265271
https://access.redhat.com/security/cve/CVE-2024-26744
https://bugzilla.redhat.com/show_bug.cgi?id=2272791
https://bugzilla.redhat.com/show_bug.cgi?id=2278240
https://bugzilla.redhat.com/show_bug.cgi?id=2265833
https://access.redhat.com/security/cve/CVE-2020-36777
https://access.redhat.com/errata/RHSA-2024:3627
https://bugzilla.redhat.com/show_bug.cgi?id=2273260
https://access.redhat.com/security/cve/CVE-2021-47171
https://access.redhat.com/security/cve/CVE-2024-26615
https://access.redhat.com/security/cve/CVE-2024-26973
https://access.redhat.com/security/cve/CVE-2021-47118
https://access.redhat.com/security/cve/CVE-2024-26664
https://access.redhat.com/security/cve/CVE-2023-52595
https://bugzilla.redhat.com/show_bug.cgi?id=2270881
https://access.redhat.com/security/cve/CVE-2024-23307
https://access.redhat.com/security/cve/CVE-2019-25162
https://bugzilla.redhat.com/show_bug.cgi?id=2267724
https://access.redhat.com/security/cve/CVE-2024-26993
https://bugzilla.redhat.com/show_bug.cgi?id=2265646
https://bugzilla.redhat.com/show_bug.cgi?id=2270879
https://access.redhat.com/security/cve/CVE-2024-26919
https://bugzilla.redhat.com/show_bug.cgi?id=2275655
https://access.redhat.com/security/cve/CVE-2024-27014
https://bugzilla.redhat.com/show_bug.cgi?id=2278409
https://bugzilla.redhat.com/show_bug.cgi?id=2267705
https://access.redhat.com/security/cve/CVE-2023-52477
https://access.redhat.com/security/cve/CVE-2023-6240
https://bugzilla.redhat.com/show_bug.cgi?id=2267509
https://bugzilla.redhat.com/show_bug.cgi?id=2268315
https://bugzilla.redhat.com/show_bug.cgi?id=2250843
https://access.redhat.com/security/cve/CVE-2023-52565
https://access.redhat.com/security/cve/CVE-2024-26643
https://access.redhat.com/security/cve/CVE-2024-27048
https://bugzilla.redhat.com/show_bug.cgi?id=2275666
https://access.redhat.com/security/cve/CVE-2024-25744
https://access.redhat.com/security/cve/CVE-2021-46934
https://access.redhat.com/security/cve/CVE-2023-52578
https://access.redhat.com/security/cve/CVE-2024-26743
https://access.redhat.com/security/cve/CVE-2023-52594
https://access.redhat.com/security/cve/CVE-2023-52528
https://bugzilla.redhat.com/show_bug.cgi?id=2275707
https://bugzilla.redhat.com/show_bug.cgi?id=2278356
https://bugzilla.redhat.com/show_bug.cgi?id=2266841
https://bugzilla.redhat.com/show_bug.cgi?id=2267789
https://access.redhat.com/security/cve/CVE-2024-26897
https://bugzilla.redhat.com/show_bug.cgi?id=2267038
https://bugzilla.redhat.com/show_bug.cgi?id=2267804
https://access.redhat.com/security/cve/CVE-2024-27056
https://bugzilla.redhat.com/show_bug.cgi?id=2266296
https://bugzilla.redhat.com/show_bug.cgi?id=2272780
https://bugzilla.redhat.com/show_bug.cgi?id=2267797
https://bugzilla.redhat.com/show_bug.cgi?id=2271469
https://access.redhat.com/security/cve/CVE-2024-26964
https://bugzilla.redhat.com/show_bug.cgi?id=2278398
https://bugzilla.redhat.com/show_bug.cgi?id=2269213
https://access.redhat.com/security/cve/CVE-2023-52439
Applikationen: RT-Preempt-Realtime-Patch

Originalnachricht

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Marvin vulnerability side-channel leakage in the RSA decryption
operation (CVE-2023-6240)

* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()
(CVE-2024-0340)

* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)

* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)

* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)

* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer
that cause loop forever (CVE-2024-26603)

* kernel: use after free in i2c (CVE-2019-25162)

* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)

* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()
(CVE-2020-36777)

* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors
(CVE-2023-52477)

* kernel: mtd: require write permissions for locking and badblock ioctls
(CVE-2021-47055)

* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump
(CVE-2024-26615)

* kernel: vt: fix memory overlapping when deleting chars in the buffer
(CVE-2022-48627)

* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)

* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()
(CVE-2023-52565)

* kernel: net: bridge: data races indata-races in br_handle_frame_finish()
(CVE-2023-52578)

* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
(CVE-2023-52528)

* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)

* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)

* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)

* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags
(CVE-2023-52610)

* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set
with timeout (CVE-2024-26643)

* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642)

* kernel: i2c: i801: Don't generate an interrupt on bus reset
(CVE-2021-47153)

* kernel: xhci: handle isoc Babble and Buffer Overrun events properly
(CVE-2024-26659)

* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)

* kernel: wifi: mac80211: fix race condition on enabling fast-xmit
(CVE-2024-26779)

* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter
(CVE-2024-26744)

* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)

* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
(CVE-2021-47185)

* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
(CVE-2024-26901)

* kernel: RDMA/srpt: Do not register event handler until srpt device is fully
setup (CVE-2024-26872)

* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)

* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma
(CVE-2024-26964)

* kernel: USB: core: Fix deadlock in usb_deauthorize_interface()
(CVE-2024-26934)

* kernel: USB: core: Fix deadlock in port "disable" sysfs
attribute (CVE-2024-26933)

* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()
(CVE-2024-26993)

* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)

* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
(CVE-2024-27059)

Bug Fix(es):

* kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel
(JIRA:RHEL-34640)

* kernel-rt: epoll_wait not reporting catching all events to application
(JIRA:RHEL-23022)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2019-25162: Use After Free (CWE-416)
CVE-2020-36777: Missing Release of Memory after Effective Lifetime (CWE-401)
CVE-2021-46934: Improper Check or Handling of Exceptional Conditions (CWE-703)
CVE-2021-47013: Use After Free (CWE-416)
CVE-2021-47055
CVE-2021-47118: Use After Free (CWE-416)
CVE-2021-47153: Out-of-bounds Read (CWE-125)
CVE-2021-47171: Transmission of Private Resources into a New Sphere
('Resource Leak') (CWE-402)
CVE-2021-47185: Excessive Platform Resource Consumption within a Loop
(CWE-1050)
CVE-2022-48627: Improper Handling of Overlap Between Protected Memory Ranges
(CWE-1260)
CVE-2023-6240: Observable Discrepancy (CWE-203)
CVE-2023-52439: Use After Free (CWE-416)
CVE-2023-52445: Use After Free (CWE-416)
CVE-2023-52477: NULL Pointer Dereference (CWE-476)
CVE-2023-52513: NULL Pointer Dereference (CWE-476)
CVE-2023-52520
CVE-2023-52528: Unchecked Return Value (CWE-252)
CVE-2023-52565: Out-of-bounds Read (CWE-125)
CVE-2023-52578: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
CVE-2023-52594: Out-of-bounds Read (CWE-125)
CVE-2023-52595: Improper Input Validation (CWE-20)
CVE-2023-52610: Transmission of Private Resources into a New Sphere
('Resource Leak') (CWE-402)
CVE-2024-0340: Exposure of Sensitive Information to an Unauthorized Actor
(CWE-200)
CVE-2024-23307: Integer Overflow or Wraparound (CWE-190)
CVE-2024-25744
CVE-2024-26593
CVE-2024-26603: Loop with Unreachable Exit Condition ('Infinite Loop')
(CWE-835)
CVE-2024-26610: Integer Overflow to Buffer Overflow (CWE-680)
CVE-2024-26615
CVE-2024-26642: Improper Control of Resource Identifiers ('Resource
Injection') (CWE-99)
CVE-2024-26643: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
CVE-2024-26659: Improper Restriction of Operations within the Bounds of a
Memory Buffer (CWE-119)
CVE-2024-26664: Out-of-bounds Read (CWE-125)
CVE-2024-26693: Improper Control of Resource Identifiers ('Resource
Injection') (CWE-99)
CVE-2024-26694: Double Free (CWE-415)
CVE-2024-26743: Incomplete Cleanup (CWE-459)
CVE-2024-26744: NULL Pointer Dereference (CWE-476)
CVE-2024-26779: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
CVE-2024-26872: Use After Free (CWE-416)
CVE-2024-26892: Use After Free (CWE-416)
CVE-2024-26897: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
CVE-2024-26901: Transmission of Private Resources into a New Sphere
('Resource Leak') (CWE-402)
CVE-2024-26919
CVE-2024-26933
CVE-2024-26934
CVE-2024-26964
CVE-2024-26973
CVE-2024-26993
CVE-2024-27014
CVE-2024-27048
CVE-2024-27052
CVE-2024-27056
CVE-2024-27059
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung