RHSA-2024:0113

Description

Red Hat Security Advisory: kernel security update

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•bpftool

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•bpftool-debuginfo

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-abi-stablelists

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-core

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-cross-headers

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debug

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debug-core

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debug-debuginfo

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debug-devel

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debug-modules

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debug-modules-extra

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debuginfo

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debuginfo-common-aarch64

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debuginfo-common-ppc64le

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debuginfo-common-s390x

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-debuginfo-common-x86_64

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-devel

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-doc

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-headers

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-modules

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-modules-extra

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-tools

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-tools-debuginfo

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-tools-libs

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-tools-libs-devel

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-zfcpdump

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-zfcpdump-core

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-zfcpdump-debuginfo

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-zfcpdump-devel

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-zfcpdump-modules

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•kernel-zfcpdump-modules-extra

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•perf

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•perf-debuginfo

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•python3-perf

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

• redhat•python3-perf-debuginfo

  < 0:4.18.0-513.11.1.el8_9 | < 0:4.18.0-513.11.1.el8_9

References (33)

• https://access.redhat.com/errata/RHSA-2024:0113
• https://access.redhat.com/security/updates/classification/#important
• https://bugzilla.redhat.com/show_bug.cgi?id=2187773
• https://bugzilla.redhat.com/show_bug.cgi?id=2207625
• https://bugzilla.redhat.com/show_bug.cgi?id=2237760
• https://bugzilla.redhat.com/show_bug.cgi?id=2239843
• https://bugzilla.redhat.com/show_bug.cgi?id=2245663
• https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0113.json
• https://access.redhat.com/security/cve/CVE-2022-36402
• https://bugzilla.redhat.com/show_bug.cgi?id=2133451
• https://www.cve.org/CVERecord?id=CVE-2022-36402
• https://nvd.nist.gov/vuln/detail/CVE-2022-36402
• https://access.redhat.com/security/cve/CVE-2023-2162
• https://www.cve.org/CVERecord?id=CVE-2023-2162
• https://nvd.nist.gov/vuln/detail/CVE-2023-2162
• https://www.spinics.net/lists/linux-scsi/msg181542.html
• https://access.redhat.com/security/cve/CVE-2023-4622
• https://www.cve.org/CVERecord?id=CVE-2023-4622
• https://nvd.nist.gov/vuln/detail/CVE-2023-4622
• https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c
• https://access.redhat.com/security/cve/CVE-2023-5633
• https://www.cve.org/CVERecord?id=CVE-2023-5633
• https://nvd.nist.gov/vuln/detail/CVE-2023-5633
• https://access.redhat.com/security/cve/CVE-2023-20569
• https://www.cve.org/CVERecord?id=CVE-2023-20569
• https://nvd.nist.gov/vuln/detail/CVE-2023-20569
• https://access.redhat.com/solutions/7049120
• https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf
• https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html
• https://access.redhat.com/security/cve/CVE-2023-42753
• https://www.cve.org/CVERecord?id=CVE-2023-42753
• https://nvd.nist.gov/vuln/detail/CVE-2023-42753
• https://seclists.org/oss-sec/2023/q3/216