RHSA-2024:0461

Description

Red Hat Security Advisory: kernel security update

CVSS Metrics

• v3.1•HIGH•Score: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•bpftool

  < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3

• redhat•bpftool-debuginfo

  < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3 | < 0:7.2.0-362.18.1.el9_3

• redhat•kernel

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug-debuginfo

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug-devel

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug-devel-matched

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug-modules

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug-modules-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debug-modules-extra

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-debuginfo

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-devel

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-devel-matched

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-modules

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-modules-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-64k-modules-extra

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-abi-stablelists

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-debuginfo

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-devel

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-devel-matched

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-modules

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-modules-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-modules-extra

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debug-uki-virt

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debuginfo

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debuginfo-common-aarch64

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debuginfo-common-ppc64le

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debuginfo-common-s390x

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-debuginfo-common-x86_64

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-devel

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-devel-matched

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-doc

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-modules

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-modules-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-modules-extra

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-debug

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-debug-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-debug-debuginfo

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-debug-devel

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-debug-kvm

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-debug-modules

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

• redhat•kernel-rt-debug-modules-core

  < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3 | < 0:5.14.0-362.18.1.el9_3

Showing first 50 affected entries in server-rendered view.

References (90)

• https://access.redhat.com/errata/RHSA-2024:0461
• https://access.redhat.com/security/updates/classification/#important
• https://bugzilla.redhat.com/show_bug.cgi?id=2133451
• https://bugzilla.redhat.com/show_bug.cgi?id=2144379
• https://bugzilla.redhat.com/show_bug.cgi?id=2161310
• https://bugzilla.redhat.com/show_bug.cgi?id=2187813
• https://bugzilla.redhat.com/show_bug.cgi?id=2187931
• https://bugzilla.redhat.com/show_bug.cgi?id=2224048
• https://bugzilla.redhat.com/show_bug.cgi?id=2230042
• https://bugzilla.redhat.com/show_bug.cgi?id=2231800
• https://bugzilla.redhat.com/show_bug.cgi?id=2237750
• https://bugzilla.redhat.com/show_bug.cgi?id=2237752
• https://bugzilla.redhat.com/show_bug.cgi?id=2237757
• https://bugzilla.redhat.com/show_bug.cgi?id=2237760
• https://bugzilla.redhat.com/show_bug.cgi?id=2239843
• https://bugzilla.redhat.com/show_bug.cgi?id=2241924
• https://bugzilla.redhat.com/show_bug.cgi?id=2245663
• https://bugzilla.redhat.com/show_bug.cgi?id=2246944
• https://bugzilla.redhat.com/show_bug.cgi?id=2253986
• https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0461.json
• https://access.redhat.com/security/cve/CVE-2022-3545
• https://www.cve.org/CVERecord?id=CVE-2022-3545
• https://nvd.nist.gov/vuln/detail/CVE-2022-3545
• https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a
• https://access.redhat.com/security/cve/CVE-2022-36402
• https://www.cve.org/CVERecord?id=CVE-2022-36402
• https://nvd.nist.gov/vuln/detail/CVE-2022-36402
• https://access.redhat.com/security/cve/CVE-2022-41858
• https://www.cve.org/CVERecord?id=CVE-2022-41858
• https://nvd.nist.gov/vuln/detail/CVE-2022-41858
• https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798
• https://access.redhat.com/security/cve/CVE-2023-2166
• https://www.cve.org/CVERecord?id=CVE-2023-2166
• https://nvd.nist.gov/vuln/detail/CVE-2023-2166
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0acc442309a0a1b01bcdaa135e56e6398a49439c
• https://access.redhat.com/security/cve/CVE-2023-2176
• https://www.cve.org/CVERecord?id=CVE-2023-2176
• https://nvd.nist.gov/vuln/detail/CVE-2023-2176
• https://www.spinics.net/lists/linux-rdma/msg114749.html
• https://access.redhat.com/security/cve/CVE-2023-3777
• https://www.cve.org/CVERecord?id=CVE-2023-3777
• https://nvd.nist.gov/vuln/detail/CVE-2023-3777
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8
• https://access.redhat.com/security/cve/CVE-2023-3812
• https://www.cve.org/CVERecord?id=CVE-2023-3812
• https://nvd.nist.gov/vuln/detail/CVE-2023-3812
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0
• https://access.redhat.com/security/cve/CVE-2023-4015
• https://www.cve.org/CVERecord?id=CVE-2023-4015
• https://nvd.nist.gov/vuln/detail/CVE-2023-4015
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a771f7b266b02d262900c75f1e175c7fe76fec2
• https://access.redhat.com/security/cve/CVE-2023-4622
• https://www.cve.org/CVERecord?id=CVE-2023-4622
• https://nvd.nist.gov/vuln/detail/CVE-2023-4622
• https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c
• https://access.redhat.com/security/cve/CVE-2023-4623
• https://www.cve.org/CVERecord?id=CVE-2023-4623
• https://nvd.nist.gov/vuln/detail/CVE-2023-4623
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f
• https://access.redhat.com/security/cve/CVE-2023-5178
• https://www.cve.org/CVERecord?id=CVE-2023-5178
• https://nvd.nist.gov/vuln/detail/CVE-2023-5178
• https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/
• https://access.redhat.com/security/cve/CVE-2023-5633
• https://www.cve.org/CVERecord?id=CVE-2023-5633
• https://nvd.nist.gov/vuln/detail/CVE-2023-5633
• https://access.redhat.com/security/cve/CVE-2023-6679
• https://www.cve.org/CVERecord?id=CVE-2023-6679
• https://nvd.nist.gov/vuln/detail/CVE-2023-6679
• https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/
• https://access.redhat.com/security/cve/CVE-2023-38409
• https://www.cve.org/CVERecord?id=CVE-2023-38409
• https://nvd.nist.gov/vuln/detail/CVE-2023-38409
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d
• https://access.redhat.com/security/cve/CVE-2023-40283
• https://www.cve.org/CVERecord?id=CVE-2023-40283
• https://nvd.nist.gov/vuln/detail/CVE-2023-40283
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1728137b33c00d5a2b5110ed7aafb42e7c32e4a1
• https://access.redhat.com/security/cve/CVE-2023-42753
• https://www.cve.org/CVERecord?id=CVE-2023-42753
• https://nvd.nist.gov/vuln/detail/CVE-2023-42753
• https://seclists.org/oss-sec/2023/q3/216
• https://access.redhat.com/security/cve/CVE-2023-46813
• https://www.cve.org/CVERecord?id=CVE-2023-46813
• https://nvd.nist.gov/vuln/detail/CVE-2023-46813
• https://bugzilla.suse.com/show_bug.cgi?id=1212649
• https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.9
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63e44bc52047f182601e7817da969a105aa1f721
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a37cd2a59d0cb270b1bba568fd3a3b8668b9d3ba
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b9cb9c45583b911e0db71d09caa6b56469eb2bdf