Red Hat Enterprise Linux 9 update for kernel



Published: 2024-07-09
Risk Low
Patch available YES
Number of vulnerabilities 8
CVE-ID CVE-2023-52626
CVE-2024-26801
CVE-2024-26974
CVE-2024-27393
CVE-2023-52667
CVE-2024-35870
CVE-2024-35960
CVE-2021-47400
CWE-ID CWE-125
CWE-416
CWE-401
CWE-415
CWE-665
CWE-399
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Red Hat Enterprise Linux for Real Time
Operating systems & Components / Operating system

Red Hat Enterprise Linux for Real Time for NFV
Operating systems & Components / Operating system

Red Hat Enterprise Linux for ARM 64
Operating systems & Components / Operating system

Red Hat Enterprise Linux for Power, little endian
Operating systems & Components / Operating system

Red Hat Enterprise Linux for IBM z Systems
Operating systems & Components / Operating system

Red Hat Enterprise Linux for x86_64
Operating systems & Components / Operating system

kernel (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU91401

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52626

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mlx5e_ptp_handle_ts_cqe() function in drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU90209

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26801

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hci_error_reset() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU90185

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26974

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Memory leak

EUVDB-ID: #VU89353

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27393

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform DoS attack on the target system.

The vulnerability exists due memory leak within the xennet_alloc_one_rx_buffer() function in xen-netback implementation. A malicious guest userspace process can exhaust memory resources within the guest kernel and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Double free

EUVDB-ID: #VU90922

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52667

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the fs_any_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU90158

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35870

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_mark_tcp_ses_conns_for_reconnect() and cifs_find_smb_ses() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper Initialization

EUVDB-ID: #VU93351

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35960

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the add_rule_fg() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU93185

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47400

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hns3_nic_net_open() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.24.1.el9_4

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2024:4349


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###