An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)
* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)
* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)
* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)
* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)
* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)
* kernel: use after free in i2c (CVE-2019-25162)
* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)
* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)
* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)
* kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)
* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)
* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)
* kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933)
* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)
* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)
* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)
Bug Fix(es):
* kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel (JIRA:RHEL-34640)
* kernel-rt: epoll_wait not reporting catching all events to application (JIRA:RHEL-23022)
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2019-25162: Use After Free (CWE-416) CVE-2020-36777: Missing Release of Memory after Effective Lifetime (CWE-401) CVE-2021-46934: Improper Check or Handling of Exceptional Conditions (CWE-703) CVE-2021-47013: Use After Free (CWE-416) CVE-2021-47055 CVE-2021-47118: Use After Free (CWE-416) CVE-2021-47153: Out-of-bounds Read (CWE-125) CVE-2021-47171: Transmission of Private Resources into a New Sphere ('Resource Leak') (CWE-402) CVE-2021-47185: Excessive Platform Resource Consumption within a Loop (CWE-1050) CVE-2022-48627: Improper Handling of Overlap Between Protected Memory Ranges (CWE-1260) CVE-2023-6240: Observable Discrepancy (CWE-203) CVE-2023-52439: Use After Free (CWE-416) CVE-2023-52445: Use After Free (CWE-416) CVE-2023-52477: NULL Pointer Dereference (CWE-476) CVE-2023-52513: NULL Pointer Dereference (CWE-476) CVE-2023-52520 CVE-2023-52528: Unchecked Return Value (CWE-252) CVE-2023-52565: Out-of-bounds Read (CWE-125) CVE-2023-52578: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362) CVE-2023-52594: Out-of-bounds Read (CWE-125) CVE-2023-52595: Improper Input Validation (CWE-20) CVE-2023-52610: Transmission of Private Resources into a New Sphere ('Resource Leak') (CWE-402) CVE-2024-0340: Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) CVE-2024-23307: Integer Overflow or Wraparound (CWE-190) CVE-2024-25744 CVE-2024-26593 CVE-2024-26603: Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835) CVE-2024-26610: Integer Overflow to Buffer Overflow (CWE-680) CVE-2024-26615 CVE-2024-26642: Improper Control of Resource Identifiers ('Resource Injection') (CWE-99) CVE-2024-26643: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362) CVE-2024-26659: Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) CVE-2024-26664: Out-of-bounds Read (CWE-125) CVE-2024-26693: Improper Control of Resource Identifiers ('Resource Injection') (CWE-99) CVE-2024-26694: Double Free (CWE-415) CVE-2024-26743: Incomplete Cleanup (CWE-459) CVE-2024-26744: NULL Pointer Dereference (CWE-476) CVE-2024-26779: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362) CVE-2024-26872: Use After Free (CWE-416) CVE-2024-26892: Use After Free (CWE-416) CVE-2024-26897: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362) CVE-2024-26901: Transmission of Private Resources into a New Sphere ('Resource Leak') (CWE-402) CVE-2024-26919 CVE-2024-26933 CVE-2024-26934 CVE-2024-26964 CVE-2024-26973 CVE-2024-26993 CVE-2024-27014 CVE-2024-27048 CVE-2024-27052 CVE-2024-27056 CVE-2024-27059
Pro-Linux
Funktion steht nur registrierten Nutzern zur Verfügung!
Neue Nachrichten
Funktion steht nur registrierten Nutzern zur Verfügung!