Red Hat Security Advisory 2024-0724-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, privilege escalation, and use-after-free vulnerabilities.
5c463638a8edc5623216376f8dce92be65e11ef8ea1db023d0e820071520da83
The following advisory data is extracted from:
https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0724.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
- Packet Storm Staff
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2024:0724-03
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2024:0724
Issue date: 2024-02-07
Revision: 03
CVE Names: CVE-2021-3640
====================================================================
Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)
* kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)
* kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
* kernel: use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640)
* kernel: improper input validation may lead to privilege escalation (CVE-2021-4204)
* kernel: memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c (CVE-2021-30002)
* kernel: eBPF verification flaw (CVE-2021-34866)
* kernel: smb2_ioctl_query_info NULL pointer dereference (CVE-2022-0168)
* kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges (CVE-2022-0500)
* kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617)
* kernel: possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
* kernel: buffer overflow in nft_set_desc_concat_parse() (CVE-2022-2078)
* kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586)
* kernel: netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
* kernel: memory leak in ipv6_renew_options() (CVE-2022-3524)
* kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
* kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
* kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
* kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
* kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
* kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
* kernel: possible to use the debugger to write zero into a location of choice (CVE-2022-21499)
* kernel: local privileges escalation in kernel/bpf/verifier.c (CVE-2022-23222)
* kernel: Executable Space Protection Bypass (CVE-2022-25265)
* kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)
* kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390)
Solution:
https://access.redhat.com/articles/11258
CVEs:
CVE-2021-3640
References:
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=1946279
https://bugzilla.redhat.com/show_bug.cgi?id=1980646
https://bugzilla.redhat.com/show_bug.cgi?id=2000457
https://bugzilla.redhat.com/show_bug.cgi?id=2037386
https://bugzilla.redhat.com/show_bug.cgi?id=2039178
https://bugzilla.redhat.com/show_bug.cgi?id=2043520
https://bugzilla.redhat.com/show_bug.cgi?id=2044578
https://bugzilla.redhat.com/show_bug.cgi?id=2051444
https://bugzilla.redhat.com/show_bug.cgi?id=2053632
https://bugzilla.redhat.com/show_bug.cgi?id=2055499
https://bugzilla.redhat.com/show_bug.cgi?id=2073064
https://bugzilla.redhat.com/show_bug.cgi?id=2073091
https://bugzilla.redhat.com/show_bug.cgi?id=2074208
https://bugzilla.redhat.com/show_bug.cgi?id=2078466
https://bugzilla.redhat.com/show_bug.cgi?id=2084183
https://bugzilla.redhat.com/show_bug.cgi?id=2096178
https://bugzilla.redhat.com/show_bug.cgi?id=2114878
https://bugzilla.redhat.com/show_bug.cgi?id=2115278
https://bugzilla.redhat.com/show_bug.cgi?id=2123056
https://bugzilla.redhat.com/show_bug.cgi?id=2124788
https://bugzilla.redhat.com/show_bug.cgi?id=2137979
https://bugzilla.redhat.com/show_bug.cgi?id=2143893
https://bugzilla.redhat.com/show_bug.cgi?id=2148520
https://bugzilla.redhat.com/show_bug.cgi?id=2149024
https://bugzilla.redhat.com/show_bug.cgi?id=2150947
https://bugzilla.redhat.com/show_bug.cgi?id=2154235
https://bugzilla.redhat.com/show_bug.cgi?id=2161310
https://bugzilla.redhat.com/show_bug.cgi?id=2165721
https://bugzilla.redhat.com/show_bug.cgi?id=2168332
https://bugzilla.redhat.com/show_bug.cgi?id=2173434
https://bugzilla.redhat.com/show_bug.cgi?id=2176140
https://bugzilla.redhat.com/show_bug.cgi?id=2177389
https://bugzilla.redhat.com/show_bug.cgi?id=2181330
https://bugzilla.redhat.com/show_bug.cgi?id=2185945
https://bugzilla.redhat.com/show_bug.cgi?id=2187813
https://bugzilla.redhat.com/show_bug.cgi?id=2187931
https://bugzilla.redhat.com/show_bug.cgi?id=2193219
https://bugzilla.redhat.com/show_bug.cgi?id=2207625
https://bugzilla.redhat.com/show_bug.cgi?id=2213199
https://bugzilla.redhat.com/show_bug.cgi?id=2215837
https://bugzilla.redhat.com/show_bug.cgi?id=2221707
https://bugzilla.redhat.com/show_bug.cgi?id=2231800
https://bugzilla.redhat.com/show_bug.cgi?id=2244715
https://bugzilla.redhat.com/show_bug.cgi?id=2245514
https://bugzilla.redhat.com/show_bug.cgi?id=2246944
https://bugzilla.redhat.com/show_bug.cgi?id=2246945
https://bugzilla.redhat.com/show_bug.cgi?id=2253614
https://bugzilla.redhat.com/show_bug.cgi?id=2253908
https://bugzilla.redhat.com/show_bug.cgi?id=2254052
https://bugzilla.redhat.com/show_bug.cgi?id=2254053
https://bugzilla.redhat.com/show_bug.cgi?id=2254054
https://bugzilla.redhat.com/show_bug.cgi?id=2255139
https://bugzilla.redhat.com/show_bug.cgi?id=2255283
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed