Red Hat Security Advisory 2024-8870-03
2024-11-5 23:20:35 Author: packetstormsecurity.com(查看原文) 阅读量:0 收藏

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8870.json

Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: kernel-rt security update
Advisory ID: RHSA-2024:8870-03
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2024:8870
Issue date: 2024-11-05
Revision: 03
CVE Names: CVE-2022-48773
====================================================================

Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)

* kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)

* kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)

* kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)

* kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)

* kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)

* kernel: nouveau: lock the client object tree. (CVE-2024-27062)

* kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)

* kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)

* kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)

* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)

* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)

* kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)

* kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)

* kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)

* kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)

* kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)

* kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)

* kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)

* kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)

* kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)

* kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)

* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)

* kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)

* kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)

* kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)

* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)

* kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

* kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)

* kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)

* kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)

* kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)

* kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)

* kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)

* kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)

* kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)

* kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)

* kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)

* kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)

* kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)

* kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-48773

References:

https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2266247
https://bugzilla.redhat.com/show_bug.cgi?id=2269183
https://bugzilla.redhat.com/show_bug.cgi?id=2275750
https://bugzilla.redhat.com/show_bug.cgi?id=2277168
https://bugzilla.redhat.com/show_bug.cgi?id=2278262
https://bugzilla.redhat.com/show_bug.cgi?id=2278350
https://bugzilla.redhat.com/show_bug.cgi?id=2278387
https://bugzilla.redhat.com/show_bug.cgi?id=2281284
https://bugzilla.redhat.com/show_bug.cgi?id=2281669
https://bugzilla.redhat.com/show_bug.cgi?id=2281817
https://bugzilla.redhat.com/show_bug.cgi?id=2293356
https://bugzilla.redhat.com/show_bug.cgi?id=2293402
https://bugzilla.redhat.com/show_bug.cgi?id=2293458
https://bugzilla.redhat.com/show_bug.cgi?id=2293459
https://bugzilla.redhat.com/show_bug.cgi?id=2297475
https://bugzilla.redhat.com/show_bug.cgi?id=2297508
https://bugzilla.redhat.com/show_bug.cgi?id=2297545
https://bugzilla.redhat.com/show_bug.cgi?id=2297567
https://bugzilla.redhat.com/show_bug.cgi?id=2297568
https://bugzilla.redhat.com/show_bug.cgi?id=2298109
https://bugzilla.redhat.com/show_bug.cgi?id=2298412
https://bugzilla.redhat.com/show_bug.cgi?id=2300412
https://bugzilla.redhat.com/show_bug.cgi?id=2300442
https://bugzilla.redhat.com/show_bug.cgi?id=2300487
https://bugzilla.redhat.com/show_bug.cgi?id=2300488
https://bugzilla.redhat.com/show_bug.cgi?id=2300508
https://bugzilla.redhat.com/show_bug.cgi?id=2300517
https://bugzilla.redhat.com/show_bug.cgi?id=2307862
https://bugzilla.redhat.com/show_bug.cgi?id=2307865
https://bugzilla.redhat.com/show_bug.cgi?id=2307892
https://bugzilla.redhat.com/show_bug.cgi?id=2309852
https://bugzilla.redhat.com/show_bug.cgi?id=2309853
https://bugzilla.redhat.com/show_bug.cgi?id=2311715
https://bugzilla.redhat.com/show_bug.cgi?id=2315178
https://bugzilla.redhat.com/show_bug.cgi?id=2317601


文章来源: https://packetstormsecurity.com/files/182501/RHSA-2024-8870-03.txt
如有侵权请联系:admin#unsafe.sh