RHSA-2023:7379
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: kernel-rt security update
CVSS Metrics
- v3.1•HIGH•Score: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•kernel-rt
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-core
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug-core
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug-debuginfo
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug-devel
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug-kvm
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug-modules
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug-modules-core
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debug-modules-extra
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debuginfo
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-debuginfo-common-x86_64
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-devel
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-kvm
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-modules
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-modules-core
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
- redhat•kernel-rt-modules-extra
< 0:5.14.0-284.40.1.rt14.325.el9_2 | < 0:5.14.0-284.40.1.rt14.325.el9_2
References (55)
- https://access.redhat.com/errata/RHSA-2023:7379
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/solutions/7027704
- https://bugzilla.redhat.com/show_bug.cgi?id=2174765
- https://bugzilla.redhat.com/show_bug.cgi?id=2223949
- https://bugzilla.redhat.com/show_bug.cgi?id=2224048
- https://bugzilla.redhat.com/show_bug.cgi?id=2225201
- https://bugzilla.redhat.com/show_bug.cgi?id=2225511
- https://bugzilla.redhat.com/show_bug.cgi?id=2239843
- https://bugzilla.redhat.com/show_bug.cgi?id=2241924
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7379.json
- https://access.redhat.com/security/cve/CVE-2022-27672
- https://www.cve.org/CVERecord?id=CVE-2022-27672
- https://nvd.nist.gov/vuln/detail/CVE-2022-27672
- https://kernel.org/doc/html//next/admin-guide/hw-vuln/cross-thread-rsb.html
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1045
- https://www.openwall.com/lists/oss-security/2023/02/14/4
- https://xenbits.xen.org/xsa/advisory-426.html
- https://access.redhat.com/security/cve/CVE-2022-40982
- https://www.cve.org/CVERecord?id=CVE-2022-40982
- https://nvd.nist.gov/vuln/detail/CVE-2022-40982
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html
- https://access.redhat.com/security/cve/CVE-2023-3609
- https://www.cve.org/CVERecord?id=CVE-2023-3609
- https://nvd.nist.gov/vuln/detail/CVE-2023-3609
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=04c55383fa5689357bcdd2c8036725a55ed632bc
- https://access.redhat.com/security/cve/CVE-2023-3812
- https://www.cve.org/CVERecord?id=CVE-2023-3812
- https://nvd.nist.gov/vuln/detail/CVE-2023-3812
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0
- https://access.redhat.com/security/cve/CVE-2023-4128
- https://bugzilla.redhat.com/show_bug.cgi?id=2261965
- https://www.cve.org/CVERecord?id=CVE-2023-4128
- https://nvd.nist.gov/vuln/detail/CVE-2023-4128
- https://access.redhat.com/security/cve/CVE-2023-4206
- https://access.redhat.com/security/cve/CVE-2023-4207
- https://access.redhat.com/security/cve/CVE-2023-4208
- https://www.cve.org/CVERecord?id=CVE-2023-4206
- https://nvd.nist.gov/vuln/detail/CVE-2023-4206
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8
- https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/
- https://www.cve.org/CVERecord?id=CVE-2023-4207
- https://nvd.nist.gov/vuln/detail/CVE-2023-4207
- https://www.cve.org/CVERecord?id=CVE-2023-4208
- https://nvd.nist.gov/vuln/detail/CVE-2023-4208
- https://access.redhat.com/security/cve/CVE-2023-5178
- https://www.cve.org/CVERecord?id=CVE-2023-5178
- https://nvd.nist.gov/vuln/detail/CVE-2023-5178
- https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/
- https://access.redhat.com/security/cve/CVE-2023-42753
- https://www.cve.org/CVERecord?id=CVE-2023-42753
- https://nvd.nist.gov/vuln/detail/CVE-2023-42753
- https://seclists.org/oss-sec/2023/q3/216