RHSA-2024:5255

Description

Red Hat Security Advisory: kernel security update

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•bpftool

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•bpftool-debuginfo

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-abi-stablelists

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-core

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debug

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debug-core

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debug-debuginfo

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debug-devel

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debug-modules

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debug-modules-extra

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debuginfo

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debuginfo-common-aarch64

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debuginfo-common-ppc64le

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debuginfo-common-s390x

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-debuginfo-common-x86_64

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-devel

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-doc

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-modules

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-modules-extra

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-tools

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-tools-debuginfo

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-tools-libs

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-tools-libs-devel

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-zfcpdump

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-zfcpdump-core

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-zfcpdump-debuginfo

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-zfcpdump-devel

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-zfcpdump-modules

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•kernel-zfcpdump-modules-extra

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•perf

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•perf-debuginfo

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•python3-perf

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

• redhat•python3-perf-debuginfo

  < 0:4.18.0-477.67.1.el8_8 | < 0:4.18.0-477.67.1.el8_8

References (116)

• https://access.redhat.com/errata/RHSA-2024:5255
• https://access.redhat.com/security/updates/classification/#important
• https://bugzilla.redhat.com/show_bug.cgi?id=2207625
• https://bugzilla.redhat.com/show_bug.cgi?id=2265517
• https://bugzilla.redhat.com/show_bug.cgi?id=2265519
• https://bugzilla.redhat.com/show_bug.cgi?id=2265520
• https://bugzilla.redhat.com/show_bug.cgi?id=2265653
• https://bugzilla.redhat.com/show_bug.cgi?id=2267509
• https://bugzilla.redhat.com/show_bug.cgi?id=2270080
• https://bugzilla.redhat.com/show_bug.cgi?id=2270100
• https://bugzilla.redhat.com/show_bug.cgi?id=2273109
• https://bugzilla.redhat.com/show_bug.cgi?id=2273174
• https://bugzilla.redhat.com/show_bug.cgi?id=2273236
• https://bugzilla.redhat.com/show_bug.cgi?id=2273247
• https://bugzilla.redhat.com/show_bug.cgi?id=2275711
• https://bugzilla.redhat.com/show_bug.cgi?id=2277238
• https://bugzilla.redhat.com/show_bug.cgi?id=2278337
• https://bugzilla.redhat.com/show_bug.cgi?id=2281257
• https://bugzilla.redhat.com/show_bug.cgi?id=2281641
• https://bugzilla.redhat.com/show_bug.cgi?id=2281968
• https://bugzilla.redhat.com/show_bug.cgi?id=2284400
• https://bugzilla.redhat.com/show_bug.cgi?id=2292331
• https://bugzilla.redhat.com/show_bug.cgi?id=2293444
• https://bugzilla.redhat.com/show_bug.cgi?id=2293461
• https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5255.json
• https://access.redhat.com/security/cve/CVE-2022-48627
• https://www.cve.org/CVERecord?id=CVE-2022-48627
• https://nvd.nist.gov/vuln/detail/CVE-2022-48627
• https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2022-48627-c7bf@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2023-20569
• https://www.cve.org/CVERecord?id=CVE-2023-20569
• https://nvd.nist.gov/vuln/detail/CVE-2023-20569
• https://access.redhat.com/solutions/7049120
• https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf
• https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html
• https://access.redhat.com/security/cve/CVE-2023-52448
• https://www.cve.org/CVERecord?id=CVE-2023-52448
• https://nvd.nist.gov/vuln/detail/CVE-2023-52448
• https://lore.kernel.org/linux-cve-announce/2024022255-CVE-2023-52448-7bf2@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2023-52610
• https://www.cve.org/CVERecord?id=CVE-2023-52610
• https://nvd.nist.gov/vuln/detail/CVE-2023-52610
• https://lore.kernel.org/linux-cve-announce/20240318100758.2828621-10-lee@kernel.org/T
• https://access.redhat.com/security/cve/CVE-2024-26583
• https://www.cve.org/CVERecord?id=CVE-2024-26583
• https://nvd.nist.gov/vuln/detail/CVE-2024-26583
• https://lore.kernel.org/linux-cve-announce/2024022146-traction-unjustly-f451@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2024-26584
• https://www.cve.org/CVERecord?id=CVE-2024-26584
• https://nvd.nist.gov/vuln/detail/CVE-2024-26584
• https://lore.kernel.org/linux-cve-announce/2024022148-showpiece-yanking-107c@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2024-26585
• https://www.cve.org/CVERecord?id=CVE-2024-26585
• https://nvd.nist.gov/vuln/detail/CVE-2024-26585
• https://lore.kernel.org/linux-cve-announce/2024022150-fancy-numerate-94ab@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2024-26640
• https://www.cve.org/CVERecord?id=CVE-2024-26640
• https://nvd.nist.gov/vuln/detail/CVE-2024-26640
• https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/T
• https://access.redhat.com/security/cve/CVE-2024-26686
• https://www.cve.org/CVERecord?id=CVE-2024-26686
• https://nvd.nist.gov/vuln/detail/CVE-2024-26686
• https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26704
• https://www.cve.org/CVERecord?id=CVE-2024-26704
• https://nvd.nist.gov/vuln/detail/CVE-2024-26704
• https://lore.kernel.org/linux-cve-announce/2024040340-CVE-2024-26704-a082@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26733
• https://www.cve.org/CVERecord?id=CVE-2024-26733
• https://nvd.nist.gov/vuln/detail/CVE-2024-26733
• https://lore.kernel.org/linux-cve-announce/2024040358-CVE-2024-26733-617f@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26773
• https://www.cve.org/CVERecord?id=CVE-2024-26773
• https://nvd.nist.gov/vuln/detail/CVE-2024-26773
• https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26773-a314@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26870
• https://www.cve.org/CVERecord?id=CVE-2024-26870
• https://nvd.nist.gov/vuln/detail/CVE-2024-26870
• https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26870-7aea@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26982
• https://www.cve.org/CVERecord?id=CVE-2024-26982
• https://nvd.nist.gov/vuln/detail/CVE-2024-26982
• https://lore.kernel.org/linux-cve-announce/2024050141-CVE-2024-26982-8675@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-35852
• https://www.cve.org/CVERecord?id=CVE-2024-35852
• https://nvd.nist.gov/vuln/detail/CVE-2024-35852
• https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2024-35852-9e9a@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-35910
• https://www.cve.org/CVERecord?id=CVE-2024-35910
• https://nvd.nist.gov/vuln/detail/CVE-2024-35910
• https://lore.kernel.org/linux-cve-announce/2024051955-CVE-2024-35910-5f95@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-36000
• https://www.cve.org/CVERecord?id=CVE-2024-36000
• https://nvd.nist.gov/vuln/detail/CVE-2024-36000
• https://lore.kernel.org/linux-cve-announce/2024052023-CVE-2024-36000-cfc4@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-36020
• https://www.cve.org/CVERecord?id=CVE-2024-36020
• https://nvd.nist.gov/vuln/detail/CVE-2024-36020
• https://access.redhat.com/security/cve/CVE-2024-36886
• https://www.cve.org/CVERecord?id=CVE-2024-36886
• https://nvd.nist.gov/vuln/detail/CVE-2024-36886
• https://lore.kernel.org/all/752f1ccf762223d109845365d07f55414058e5a3.1714484273.git.pabeni@redhat.com/
• https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36886-dd83@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2024-36971
• https://www.cve.org/CVERecord?id=CVE-2024-36971
• https://nvd.nist.gov/vuln/detail/CVE-2024-36971
• https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog
• https://access.redhat.com/security/cve/CVE-2024-38538
• https://www.cve.org/CVERecord?id=CVE-2024-38538
• https://nvd.nist.gov/vuln/detail/CVE-2024-38538
• https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38538-e28a@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-38555
• https://www.cve.org/CVERecord?id=CVE-2024-38555
• https://nvd.nist.gov/vuln/detail/CVE-2024-38555
• https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38555-aefb@gregkh/T