Issued:
2024-02-07
Updated:
2024-02-07

RHSA-2024:0724 - Important: kernel security and bug fix update

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)

  • kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)

  • kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)

  • kernel: use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640)

  • kernel: improper input validation may lead to privilege escalation (CVE-2021-4204)

  • kernel: memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c (CVE-2021-30002)

  • kernel: eBPF verification flaw (CVE-2021-34866)

  • kernel: smb2_ioctl_query_info NULL pointer dereference (CVE-2022-0168)

  • kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges (CVE-2022-0500)

  • kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617)

  • kernel: possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)

  • kernel: buffer overflow in nft_set_desc_concat_parse() (CVE-2022-2078)

  • kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586)

  • kernel: netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)

  • kernel: memory leak in ipv6_renew_options() (CVE-2022-3524)

  • kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)

  • kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)

  • kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)

  • kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)

  • kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)

  • kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)

  • kernel: possible to use the debugger to write zero into a location of choice (CVE-2022-21499)

  • kernel: local privileges escalation in kernel/bpf/verifier.c (CVE-2022-23222)

  • kernel: Executable Space Protection Bypass (CVE-2022-25265)

  • kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)

  • kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

ProductVersionArch
Red Hat Virtualization Host4x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions8.6x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support8.6x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension8.6x86_64
Red Hat Enterprise Linux for Power, little endian - Extended Update Support8.6ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support8.6s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support8.6aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions8.6ppc64le
Red Hat Enterprise Linux Server - TUS8.6x86_64
Red Hat Enterprise Linux Server - AUS8.6x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support8.6x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support8.6ppc64le
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support8.6aarch64

Updated Packages

  • kernel-tools-libs-devel-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-headers-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-tools-libs-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-core-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-zfcpdump-devel-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-core-4.18.0-372.91.1.el8_6.aarch64.rpm
  • python3-perf-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-debuginfo-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-tools-libs-devel-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-debug-modules-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-tools-debuginfo-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-debug-devel-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-doc-4.18.0-372.91.1.el8_6.noarch.rpm
  • kernel-zfcpdump-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-core-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-headers-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-debug-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-debug-modules-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-tools-libs-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-debug-modules-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-cross-headers-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-tools-libs-4.18.0-372.91.1.el8_6.x86_64.rpm
  • perf-debuginfo-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-modules-extra-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-debuginfo-common-x86_64-4.18.0-372.91.1.el8_6.x86_64.rpm
  • bpftool-debuginfo-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-tools-libs-devel-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-core-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-modules-extra-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-modules-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-cross-headers-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-modules-extra-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-debug-devel-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-cross-headers-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-4.18.0-372.91.1.el8_6.src.rpm
  • kernel-debug-devel-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-tools-4.18.0-372.91.1.el8_6.x86_64.rpm
  • bpftool-debuginfo-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-modules-4.18.0-372.91.1.el8_6.x86_64.rpm
  • python3-perf-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-headers-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • python3-perf-4.18.0-372.91.1.el8_6.s390x.rpm
  • bpftool-debuginfo-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-zfcpdump-debuginfo-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debuginfo-4.18.0-372.91.1.el8_6.aarch64.rpm
  • python3-perf-debuginfo-4.18.0-372.91.1.el8_6.s390x.rpm
  • python3-perf-debuginfo-4.18.0-372.91.1.el8_6.x86_64.rpm
  • bpftool-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-debuginfo-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-debuginfo-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-zfcpdump-modules-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-debug-core-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-modules-extra-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-debuginfo-common-aarch64-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-devel-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-devel-4.18.0-372.91.1.el8_6.x86_64.rpm
  • bpftool-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-debuginfo-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-debug-core-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-abi-stablelists-4.18.0-372.91.1.el8_6.noarch.rpm
  • kernel-tools-debuginfo-4.18.0-372.91.1.el8_6.aarch64.rpm
  • python3-perf-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • bpftool-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • python3-perf-debuginfo-4.18.0-372.91.1.el8_6.aarch64.rpm
  • bpftool-debuginfo-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • perf-debuginfo-4.18.0-372.91.1.el8_6.aarch64.rpm
  • perf-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-debug-debuginfo-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-debuginfo-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-debug-core-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-tools-debuginfo-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-devel-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-zfcpdump-core-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debuginfo-common-ppc64le-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • perf-debuginfo-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-debug-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-tools-debuginfo-4.18.0-372.91.1.el8_6.x86_64.rpm
  • perf-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-cross-headers-4.18.0-372.91.1.el8_6.x86_64.rpm
  • bpftool-4.18.0-372.91.1.el8_6.aarch64.rpm
  • perf-debuginfo-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-devel-4.18.0-372.91.1.el8_6.s390x.rpm
  • perf-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-modules-extra-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-modules-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-tools-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-zfcpdump-modules-extra-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-debug-debuginfo-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-tools-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-devel-4.18.0-372.91.1.el8_6.aarch64.rpm
  • kernel-core-4.18.0-372.91.1.el8_6.s390x.rpm
  • python3-perf-debuginfo-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • perf-4.18.0-372.91.1.el8_6.x86_64.rpm
  • kernel-headers-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-debug-modules-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-tools-4.18.0-372.91.1.el8_6.ppc64le.rpm
  • kernel-debuginfo-common-s390x-4.18.0-372.91.1.el8_6.s390x.rpm
  • kernel-modules-4.18.0-372.91.1.el8_6.aarch64.rpm

Fixes

CVEs

References

Additional information