RHSA-2023:2148
Advisory lineage Upstream: 51 Downstream: 0
Published: 16 Sept 2024, 09:02
Last modified:05 May 2026, 10:02
Vulnerability Summary
Overall Risk (default)
medium
32/100 CVSS Score
8.1 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
16 Sept 2024, 09:02
Published
Vulnerability first disclosed
05 May 2026, 10:02
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: kernel-rt security and bug fix update
CVSS Metrics
- v3.1•HIGH•Score: 8.1CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Systems
- redhat•kernel-rt
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-core
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug-core
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug-debuginfo
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug-devel
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug-kvm
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug-modules
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug-modules-core
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debug-modules-extra
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debuginfo
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-debuginfo-common-x86_64
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-devel
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-kvm
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-modules
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-modules-core
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
- redhat•kernel-rt-modules-extra
< 0:5.14.0-284.11.1.rt14.296.el9_2 | < 0:5.14.0-284.11.1.rt14.296.el9_2
References (259)
- https://access.redhat.com/errata/RHSA-2023:2148
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
- https://bugzilla.redhat.com/show_bug.cgi?id=2061703
- https://bugzilla.redhat.com/show_bug.cgi?id=2073091
- https://bugzilla.redhat.com/show_bug.cgi?id=2078466
- https://bugzilla.redhat.com/show_bug.cgi?id=2089701
- https://bugzilla.redhat.com/show_bug.cgi?id=2090723
- https://bugzilla.redhat.com/show_bug.cgi?id=2106830
- https://bugzilla.redhat.com/show_bug.cgi?id=2107924
- https://bugzilla.redhat.com/show_bug.cgi?id=2108691
- https://bugzilla.redhat.com/show_bug.cgi?id=2114937
- https://bugzilla.redhat.com/show_bug.cgi?id=2122228
- https://bugzilla.redhat.com/show_bug.cgi?id=2123056
- https://bugzilla.redhat.com/show_bug.cgi?id=2124788
- https://bugzilla.redhat.com/show_bug.cgi?id=2130141
- https://bugzilla.redhat.com/show_bug.cgi?id=2133483
- https://bugzilla.redhat.com/show_bug.cgi?id=2133490
- https://bugzilla.redhat.com/show_bug.cgi?id=2134377
- https://bugzilla.redhat.com/show_bug.cgi?id=2134380
- https://bugzilla.redhat.com/show_bug.cgi?id=2134451
- https://bugzilla.redhat.com/show_bug.cgi?id=2134506
- https://bugzilla.redhat.com/show_bug.cgi?id=2134517
- https://bugzilla.redhat.com/show_bug.cgi?id=2134528
- https://bugzilla.redhat.com/show_bug.cgi?id=2137979
- https://bugzilla.redhat.com/show_bug.cgi?id=2139610
- https://bugzilla.redhat.com/show_bug.cgi?id=2143893
- https://bugzilla.redhat.com/show_bug.cgi?id=2143943
- https://bugzilla.redhat.com/show_bug.cgi?id=2144720
- https://bugzilla.redhat.com/show_bug.cgi?id=2147364
- https://bugzilla.redhat.com/show_bug.cgi?id=2150947
- https://bugzilla.redhat.com/show_bug.cgi?id=2150960
- https://bugzilla.redhat.com/show_bug.cgi?id=2150979
- https://bugzilla.redhat.com/show_bug.cgi?id=2151270
- https://bugzilla.redhat.com/show_bug.cgi?id=2154171
- https://bugzilla.redhat.com/show_bug.cgi?id=2154235
- https://bugzilla.redhat.com/show_bug.cgi?id=2160023
- https://bugzilla.redhat.com/show_bug.cgi?id=2162120
- https://bugzilla.redhat.com/show_bug.cgi?id=2165721
- https://bugzilla.redhat.com/show_bug.cgi?id=2165741
- https://bugzilla.redhat.com/show_bug.cgi?id=2168246
- https://bugzilla.redhat.com/show_bug.cgi?id=2176192
- https://bugzilla.redhat.com/show_bug.cgi?id=2177371
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2148.json
- https://access.redhat.com/security/cve/CVE-2021-26341
- https://www.cve.org/CVERecord?id=CVE-2021-26341
- https://nvd.nist.gov/vuln/detail/CVE-2021-26341
- https://grsecurity.net/amd_branch_mispredictor_part_2_where_no_cpu_has_gone_before
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026
- https://www.amd.com/system/files/documents/software-techniques-for-managing-speculation.pdf
- https://access.redhat.com/security/cve/CVE-2021-33631
- https://bugzilla.redhat.com/show_bug.cgi?id=2261976
- https://www.cve.org/CVERecord?id=CVE-2021-33631
- https://nvd.nist.gov/vuln/detail/CVE-2021-33631
- https://seclists.org/oss-sec/2024/q1/65
- https://access.redhat.com/security/cve/CVE-2021-33655
- https://www.cve.org/CVERecord?id=CVE-2021-33655
- https://nvd.nist.gov/vuln/detail/CVE-2021-33655
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=086ff84617185393a0bbf25830c4f36412a7d3f4
- https://access.redhat.com/security/cve/CVE-2021-47560
- https://bugzilla.redhat.com/show_bug.cgi?id=2283389
- https://www.cve.org/CVERecord?id=CVE-2021-47560
- https://nvd.nist.gov/vuln/detail/CVE-2021-47560
- https://lore.kernel.org/linux-cve-announce/2024052451-CVE-2021-47560-4a52@gregkh/T
- https://access.redhat.com/security/cve/CVE-2021-47592
- https://bugzilla.redhat.com/show_bug.cgi?id=2293235
- https://www.cve.org/CVERecord?id=CVE-2021-47592
- https://nvd.nist.gov/vuln/detail/CVE-2021-47592
- https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47592-7ca6@gregkh/T
- https://access.redhat.com/security/cve/CVE-2022-1462
- https://www.cve.org/CVERecord?id=CVE-2022-1462
- https://nvd.nist.gov/vuln/detail/CVE-2022-1462
- https://seclists.org/oss-sec/2022/q2/155
- https://access.redhat.com/security/cve/CVE-2022-1789
- https://www.cve.org/CVERecord?id=CVE-2022-1789
- https://nvd.nist.gov/vuln/detail/CVE-2022-1789
- https://github.com/advisories/GHSA-v8pq-23qj-q7x7
- https://www.openwall.com/lists/oss-security/2022/05/25/2
- https://access.redhat.com/security/cve/CVE-2022-1882
- https://www.cve.org/CVERecord?id=CVE-2022-1882
- https://nvd.nist.gov/vuln/detail/CVE-2022-1882
- https://git.kernel.org/linus/353f7988dd8413c4
- https://access.redhat.com/security/cve/CVE-2022-2196
- https://www.cve.org/CVERecord?id=CVE-2022-2196
- https://nvd.nist.gov/vuln/detail/CVE-2022-2196
- https://access.redhat.com/security/cve/CVE-2022-2663
- https://www.cve.org/CVERecord?id=CVE-2022-2663
- https://nvd.nist.gov/vuln/detail/CVE-2022-2663
- https://lore.kernel.org/netfilter-devel/20220826045658.100360-1-dgl@dgl.cx/T/
- https://access.redhat.com/security/cve/CVE-2022-3028
- https://www.cve.org/CVERecord?id=CVE-2022-3028
- https://nvd.nist.gov/vuln/detail/CVE-2022-3028
- https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5
- https://access.redhat.com/security/cve/CVE-2022-3435
- https://www.cve.org/CVERecord?id=CVE-2022-3435
- https://nvd.nist.gov/vuln/detail/CVE-2022-3435
- https://lore.kernel.org/netdev/20221005181257.8897-1-dsahern@kernel.org/T/#u
- https://access.redhat.com/security/cve/CVE-2022-3522
- https://www.cve.org/CVERecord?id=CVE-2022-3522
- https://nvd.nist.gov/vuln/detail/CVE-2022-3522
- https://lore.kernel.org/all/20221004193400.110155-3-peterx@redhat.com/T/#u
- https://access.redhat.com/security/cve/CVE-2022-3524
- https://www.cve.org/CVERecord?id=CVE-2022-3524
- https://nvd.nist.gov/vuln/detail/CVE-2022-3524
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c52c6bb831f6335c176a0fc7214e26f43adbd11
- https://access.redhat.com/security/cve/CVE-2022-3566
- https://www.cve.org/CVERecord?id=CVE-2022-3566
- https://nvd.nist.gov/vuln/detail/CVE-2022-3566
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57
- https://access.redhat.com/security/cve/CVE-2022-3567
- https://www.cve.org/CVERecord?id=CVE-2022-3567
- https://nvd.nist.gov/vuln/detail/CVE-2022-3567
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=364f997b5cfe1db0d63a390fe7c801fa2b3115f6
- https://access.redhat.com/security/cve/CVE-2022-3619
- https://www.cve.org/CVERecord?id=CVE-2022-3619
- https://nvd.nist.gov/vuln/detail/CVE-2022-3619
- https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=97097c85c088e11651146da32a4e1cdb9dfa6193
- https://vuldb.com/?id.211918
- https://access.redhat.com/security/cve/CVE-2022-3623
- https://www.cve.org/CVERecord?id=CVE-2022-3623
- https://nvd.nist.gov/vuln/detail/CVE-2022-3623
- https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f
- https://access.redhat.com/security/cve/CVE-2022-3625
- https://www.cve.org/CVERecord?id=CVE-2022-3625
- https://nvd.nist.gov/vuln/detail/CVE-2022-3625
- https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=6b4db2e528f650c7fb712961aac36455468d5902
- https://access.redhat.com/security/cve/CVE-2022-3628
- https://www.cve.org/CVERecord?id=CVE-2022-3628
- https://nvd.nist.gov/vuln/detail/CVE-2022-3628
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c?id=6788ba8aed4e28e90f72d68a9d794e34eac17295
- https://seclists.org/oss-sec/2022/q4/60
- https://access.redhat.com/security/cve/CVE-2022-3640
- https://www.cve.org/CVERecord?id=CVE-2022-3640
- https://nvd.nist.gov/vuln/detail/CVE-2022-3640
- https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=42cf46dea905a80f6de218e837ba4d4cc33d6979
- https://access.redhat.com/security/cve/CVE-2022-3707
- https://www.cve.org/CVERecord?id=CVE-2022-3707
- https://nvd.nist.gov/vuln/detail/CVE-2022-3707
- https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz@163.com/
- https://access.redhat.com/security/cve/CVE-2022-4128
- https://www.cve.org/CVERecord?id=CVE-2022-4128
- https://nvd.nist.gov/vuln/detail/CVE-2022-4128
- https://access.redhat.com/security/cve/CVE-2022-4129
- https://www.cve.org/CVERecord?id=CVE-2022-4129
- https://nvd.nist.gov/vuln/detail/CVE-2022-4129
- https://access.redhat.com/security/cve/CVE-2022-4662
- https://bugzilla.redhat.com/show_bug.cgi?id=2155788
- https://www.cve.org/CVERecord?id=CVE-2022-4662
- https://nvd.nist.gov/vuln/detail/CVE-2022-4662
- https://lore.kernel.org/all/20220913140355.910732567@linuxfoundation.org/
- https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA@mail.gmail.com/
- https://access.redhat.com/security/cve/CVE-2022-20141
- https://www.cve.org/CVERecord?id=CVE-2022-20141
- https://nvd.nist.gov/vuln/detail/CVE-2022-20141
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/igmp.c?h=v5.19&id=23d2b94043ca8835bd1e67749020e839f396a1c2
- https://access.redhat.com/security/cve/CVE-2022-21505
- https://www.cve.org/CVERecord?id=CVE-2022-21505
- https://nvd.nist.gov/vuln/detail/CVE-2022-21505
- https://access.redhat.com/security/cve/CVE-2022-28388
- https://www.cve.org/CVERecord?id=CVE-2022-28388
- https://nvd.nist.gov/vuln/detail/CVE-2022-28388
- https://access.redhat.com/security/cve/CVE-2022-33743
- https://www.cve.org/CVERecord?id=CVE-2022-33743
- https://nvd.nist.gov/vuln/detail/CVE-2022-33743
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/net/xen-netfront.c?h=v5.19-rc7&id=f63c2c2032c2e3caad9add3b82cc6e91c376fd26
- https://www.openwall.com/lists/oss-security/2022/07/05/5
- https://access.redhat.com/security/cve/CVE-2022-36280
- https://bugzilla.redhat.com/show_bug.cgi?id=2133450
- https://www.cve.org/CVERecord?id=CVE-2022-36280
- https://nvd.nist.gov/vuln/detail/CVE-2022-36280
- https://access.redhat.com/security/cve/CVE-2022-36879
- https://bugzilla.redhat.com/show_bug.cgi?id=2119855
- https://www.cve.org/CVERecord?id=CVE-2022-36879
- https://nvd.nist.gov/vuln/detail/CVE-2022-36879
- https://access.redhat.com/security/cve/CVE-2022-39188
- https://www.cve.org/CVERecord?id=CVE-2022-39188
- https://nvd.nist.gov/vuln/detail/CVE-2022-39188
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2329
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b67fbebd4cf980aecbcc750e1462128bffe8ae15
- https://lore.kernel.org/stable/20220831191348.3388208-1-jannh@google.com/T/#u
- https://access.redhat.com/security/cve/CVE-2022-39189
- https://www.cve.org/CVERecord?id=CVE-2022-39189
- https://nvd.nist.gov/vuln/detail/CVE-2022-39189
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2309
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736
- https://access.redhat.com/security/cve/CVE-2022-41674
- https://www.cve.org/CVERecord?id=CVE-2022-41674
- https://nvd.nist.gov/vuln/detail/CVE-2022-41674
- https://www.openwall.com/lists/oss-security/2022/10/13/2
- https://access.redhat.com/security/cve/CVE-2022-42703
- https://www.cve.org/CVERecord?id=CVE-2022-42703
- https://nvd.nist.gov/vuln/detail/CVE-2022-42703
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2555283eb40df89945557273121e9393ef9b542b
- https://access.redhat.com/security/cve/CVE-2022-42720
- https://www.cve.org/CVERecord?id=CVE-2022-42720
- https://nvd.nist.gov/vuln/detail/CVE-2022-42720
- https://access.redhat.com/security/cve/CVE-2022-42721
- https://www.cve.org/CVERecord?id=CVE-2022-42721
- https://nvd.nist.gov/vuln/detail/CVE-2022-42721
- https://access.redhat.com/security/cve/CVE-2022-42722
- https://www.cve.org/CVERecord?id=CVE-2022-42722
- https://nvd.nist.gov/vuln/detail/CVE-2022-42722
- https://access.redhat.com/security/cve/CVE-2022-42896
- https://www.cve.org/CVERecord?id=CVE-2022-42896
- https://nvd.nist.gov/vuln/detail/CVE-2022-42896
- https://github.com/google/security-research/security/advisories/GHSA-pf87-6c9q-jvm4
- https://access.redhat.com/security/cve/CVE-2022-43750
- https://www.cve.org/CVERecord?id=CVE-2022-43750
- https://nvd.nist.gov/vuln/detail/CVE-2022-43750
- https://github.com/torvalds/linux/commit/a659daf63d16aa883be42f3f34ff84235c302198
- https://access.redhat.com/security/cve/CVE-2022-47929
- https://www.cve.org/CVERecord?id=CVE-2022-47929
- https://nvd.nist.gov/vuln/detail/CVE-2022-47929
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=96398560f26aa07e8f2969d73c8197e6a6d10407
- https://access.redhat.com/security/cve/CVE-2022-48695
- https://bugzilla.redhat.com/show_bug.cgi?id=2278999
- https://www.cve.org/CVERecord?id=CVE-2022-48695
- https://nvd.nist.gov/vuln/detail/CVE-2022-48695
- https://lore.kernel.org/linux-cve-announce/2024050348-CVE-2022-48695-8a9e@gregkh/T
- https://access.redhat.com/security/cve/CVE-2023-0394
- https://www.cve.org/CVERecord?id=CVE-2023-0394
- https://nvd.nist.gov/vuln/detail/CVE-2023-0394
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17
- https://www.openwall.com/lists/oss-security/2023/01/18/2
- https://access.redhat.com/security/cve/CVE-2023-0461
- https://www.cve.org/CVERecord?id=CVE-2023-0461
- https://nvd.nist.gov/vuln/detail/CVE-2023-0461
- https://github.com/torvalds/linux/commit/2c02d41d71f90a5168391b6a5f2954112ba2307c
- https://access.redhat.com/security/cve/CVE-2023-0590
- https://www.cve.org/CVERecord?id=CVE-2023-0590
- https://nvd.nist.gov/vuln/detail/CVE-2023-0590
- https://lore.kernel.org/all/20221018203258.2793282-1-edumazet@google.com/
- https://access.redhat.com/security/cve/CVE-2023-1195
- https://www.cve.org/CVERecord?id=CVE-2023-1195
- https://nvd.nist.gov/vuln/detail/CVE-2023-1195
- https://github.com/torvalds/linux/commit/153695d36ead0ccc4d0256953c751cabf673e621
- https://access.redhat.com/security/cve/CVE-2023-1382
- https://www.cve.org/CVERecord?id=CVE-2023-1382
- https://nvd.nist.gov/vuln/detail/CVE-2023-1382
- https://lore.kernel.org/netdev/bc7bd3183f1c275c820690fc65b708238fe9e38e.1668807842.git.lucien.xin@gmail.com/T/#u
- https://access.redhat.com/security/cve/CVE-2023-2177
- https://bugzilla.redhat.com/show_bug.cgi?id=2187953
- https://www.cve.org/CVERecord?id=CVE-2023-2177
- https://nvd.nist.gov/vuln/detail/CVE-2023-2177
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=181d8d2066c0
- https://access.redhat.com/security/cve/CVE-2023-2513
- https://bugzilla.redhat.com/show_bug.cgi?id=2193097
- https://www.cve.org/CVERecord?id=CVE-2023-2513
- https://nvd.nist.gov/vuln/detail/CVE-2023-2513
- https://access.redhat.com/security/cve/CVE-2023-22998
- https://bugzilla.redhat.com/show_bug.cgi?id=2182429
- https://www.cve.org/CVERecord?id=CVE-2023-22998
- https://nvd.nist.gov/vuln/detail/CVE-2023-22998
- https://access.redhat.com/security/cve/CVE-2023-52340
- https://bugzilla.redhat.com/show_bug.cgi?id=2257979
- https://www.cve.org/CVERecord?id=CVE-2023-52340
- https://nvd.nist.gov/vuln/detail/CVE-2023-52340
- https://alas.aws.amazon.com/cve/html/CVE-2023-52340.html
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=af6d10345ca76670c1b7c37799f0d5576ccef277