RHSA-2024:8613

Description

Red Hat Security Advisory: kernel security update

CVSS Metrics

• v3.1•HIGH•Score: 7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•bpftool

  < 0:7.0.0-284.90.1.el9_2 | < 0:7.0.0-284.90.1.el9_2 | < 0:7.0.0-284.90.1.el9_2

• redhat•bpftool-debuginfo

  < 0:7.0.0-284.90.1.el9_2 | < 0:7.0.0-284.90.1.el9_2 | < 0:7.0.0-284.90.1.el9_2

• redhat•kernel

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug-debuginfo

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug-devel

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug-devel-matched

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug-modules

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug-modules-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debug-modules-extra

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-debuginfo

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-devel

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-devel-matched

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-modules

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-modules-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-64k-modules-extra

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-abi-stablelists

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-debuginfo

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-devel

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-devel-matched

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-modules

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-modules-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-modules-extra

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debug-uki-virt

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debuginfo

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debuginfo-common-aarch64

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debuginfo-common-ppc64le

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debuginfo-common-s390x

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-debuginfo-common-x86_64

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-devel

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-devel-matched

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-doc

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-modules

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-modules-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-modules-extra

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-tools

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-tools-debuginfo

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-tools-libs

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-tools-libs-devel

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-uki-virt

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-zfcpdump

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-zfcpdump-core

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-zfcpdump-debuginfo

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

• redhat•kernel-zfcpdump-devel

  < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2 | < 0:5.14.0-284.90.1.el9_2

Showing first 50 affected entries in server-rendered view.

References (86)

• https://access.redhat.com/errata/RHSA-2024:8613
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=2176140
• https://bugzilla.redhat.com/show_bug.cgi?id=2268118
• https://bugzilla.redhat.com/show_bug.cgi?id=2269189
• https://bugzilla.redhat.com/show_bug.cgi?id=2272811
• https://bugzilla.redhat.com/show_bug.cgi?id=2273109
• https://bugzilla.redhat.com/show_bug.cgi?id=2275604
• https://bugzilla.redhat.com/show_bug.cgi?id=2278176
• https://bugzilla.redhat.com/show_bug.cgi?id=2282356
• https://bugzilla.redhat.com/show_bug.cgi?id=2284571
• https://bugzilla.redhat.com/show_bug.cgi?id=2297544
• https://bugzilla.redhat.com/show_bug.cgi?id=2297582
• https://bugzilla.redhat.com/show_bug.cgi?id=2300422
• https://bugzilla.redhat.com/show_bug.cgi?id=2300429
• https://bugzilla.redhat.com/show_bug.cgi?id=2300439
• https://bugzilla.redhat.com/show_bug.cgi?id=2301519
• https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8613.json
• https://access.redhat.com/security/cve/CVE-2021-47384
• https://www.cve.org/CVERecord?id=CVE-2021-47384
• https://nvd.nist.gov/vuln/detail/CVE-2021-47384
• https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47384-f311@gregkh/T
• https://access.redhat.com/security/cve/CVE-2023-1252
• https://www.cve.org/CVERecord?id=CVE-2023-1252
• https://nvd.nist.gov/vuln/detail/CVE-2023-1252
• https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/
• https://access.redhat.com/security/cve/CVE-2023-52489
• https://www.cve.org/CVERecord?id=CVE-2023-52489
• https://nvd.nist.gov/vuln/detail/CVE-2023-52489
• https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T
• https://access.redhat.com/security/cve/CVE-2024-2201
• https://www.cve.org/CVERecord?id=CVE-2024-2201
• https://nvd.nist.gov/vuln/detail/CVE-2024-2201
• https://download.vusec.net/papers/inspectre_sec24.pdf
• https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html#inpage-nav-8
• https://www.openwall.com/lists/oss-security/2024/04/09/15
• https://www.vusec.net/projects/native-bhi/
• https://access.redhat.com/security/cve/CVE-2024-26671
• https://www.cve.org/CVERecord?id=CVE-2024-26671
• https://nvd.nist.gov/vuln/detail/CVE-2024-26671
• https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26686
• https://www.cve.org/CVERecord?id=CVE-2024-26686
• https://nvd.nist.gov/vuln/detail/CVE-2024-26686
• https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26826
• https://www.cve.org/CVERecord?id=CVE-2024-26826
• https://nvd.nist.gov/vuln/detail/CVE-2024-26826
• https://lore.kernel.org/linux-cve-announce/2024041703-CVE-2024-26826-b984@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26961
• https://www.cve.org/CVERecord?id=CVE-2024-26961
• https://nvd.nist.gov/vuln/detail/CVE-2024-26961
• https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-36889
• https://www.cve.org/CVERecord?id=CVE-2024-36889
• https://nvd.nist.gov/vuln/detail/CVE-2024-36889
• https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-40960
• https://www.cve.org/CVERecord?id=CVE-2024-40960
• https://nvd.nist.gov/vuln/detail/CVE-2024-40960
• https://lore.kernel.org/linux-cve-announce/2024071225-CVE-2024-40960-d46f@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-40998
• https://www.cve.org/CVERecord?id=CVE-2024-40998
• https://nvd.nist.gov/vuln/detail/CVE-2024-40998
• https://lore.kernel.org/linux-cve-announce/2024071252-CVE-2024-40998-90d6@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-41049
• https://www.cve.org/CVERecord?id=CVE-2024-41049
• https://nvd.nist.gov/vuln/detail/CVE-2024-41049
• https://lore.kernel.org/linux-cve-announce/2024072927-CVE-2024-41049-bf28@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-41055
• https://www.cve.org/CVERecord?id=CVE-2024-41055
• https://nvd.nist.gov/vuln/detail/CVE-2024-41055
• https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-41064
• https://www.cve.org/CVERecord?id=CVE-2024-41064
• https://nvd.nist.gov/vuln/detail/CVE-2024-41064
• https://lore.kernel.org/linux-cve-announce/2024072907-CVE-2024-41064-6ecb@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-42152
• https://www.cve.org/CVERecord?id=CVE-2024-42152
• https://nvd.nist.gov/vuln/detail/CVE-2024-42152
• https://lore.kernel.org/linux-cve-announce/2024073034-CVE-2024-42152-c248@gregkh/T
• https://access.redhat.com/security/cve/CVE-2022-50720
• https://bugzilla.redhat.com/show_bug.cgi?id=2425047
• https://www.cve.org/CVERecord?id=CVE-2022-50720
• https://nvd.nist.gov/vuln/detail/CVE-2022-50720
• https://lore.kernel.org/linux-cve-announce/2025122417-CVE-2022-50720-0297@gregkh/T