Issued:
2024-06-05
Updated:
2024-06-05

RHSA-2024:3627 - Moderate: kernel-rt security and bug fix update

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory Moderate

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)

  • kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)

  • kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)

  • kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)

  • kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)

  • kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)

  • kernel: use after free in i2c (CVE-2019-25162)

  • kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)

  • kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)

  • kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)

  • kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)

  • kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615)

  • kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)

  • kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)

  • kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)

  • kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)

  • kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)

  • kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)

  • kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)

  • kernel: pid: take a reference when initializing cad_pid (CVE-2021-47118)

  • kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)

  • kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)

  • kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)

  • kernel: i2c: i801: Don't generate an interrupt on bus reset (CVE-2021-47153)

  • kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659)

  • kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)

  • kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779)

  • kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)

  • kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)

  • kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)

  • kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)

  • kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)

  • kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)

  • kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)

  • kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)

  • kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933)

  • kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)

  • kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)

  • kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)

Bug Fix(es):

  • kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel (JIRA:RHEL-34640)

  • kernel-rt: epoll_wait not reporting catching all events to application (JIRA:RHEL-23022)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle8.10x86_64
Red Hat Enterprise Linux for Real Time8x86_64
Red Hat Enterprise Linux for Real Time for NFV8x86_64

Updated Packages

  • kernel-rt-kvm-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-core-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debug-debuginfo-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debug-modules-extra-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debug-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-modules-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-4.18.0-553.5.1.rt7.346.el8_10.src.rpm
  • kernel-rt-modules-extra-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debug-kvm-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debuginfo-common-x86_64-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debug-core-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-devel-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debug-devel-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debug-modules-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm
  • kernel-rt-debuginfo-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm

Fixes

CVEs

References

Additional information