Red Hat Enterprise Linux 9 update for kernel

1) Race condition

EUVDB-ID: #VU88135

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26643

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the nf_tables_unbind_set() function in net/netfilter/nf_tables_api.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.18.1.el9_4

CPE2.3

• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time_for_nfv:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_arm_64:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_power_little_endian:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_ibm_z_systems:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux:9:*:*:*:*:*:*:

External links

http://access.redhat.com/errata/RHSA-2024:3306

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper access control

EUVDB-ID: #VU88150

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26642

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.18.1.el9_4

CPE2.3

• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time_for_nfv:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_arm_64:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_power_little_endian:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_ibm_z_systems:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux:9:*:*:*:*:*:*:

External links

http://access.redhat.com/errata/RHSA-2024:3306

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU94118

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26673

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the nft_ct_expect_obj_init() function in net/netfilter/nft_ct.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.18.1.el9_4

CPE2.3

• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time_for_nfv:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_arm_64:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_power_little_endian:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_ibm_z_systems:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux:9:*:*:*:*:*:*:

External links

http://access.redhat.com/errata/RHSA-2024:3306

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU90212

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26804

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for Real Time: 9

Red Hat Enterprise Linux for Real Time for NFV: 9

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

kernel (Red Hat package): before 5.14.0-427.18.1.el9_4

CPE2.3

• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_real_time_for_nfv:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_arm_64:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_power_little_endian:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_ibm_z_systems:9:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux:9:*:*:*:*:*:*:

External links

http://access.redhat.com/errata/RHSA-2024:3306

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.