SB2024090403 - Red Hat Enterprise Linux 9 update for kernel-rt 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024090403

SB2024090403 - Red Hat Enterprise Linux 9 update for kernel-rt

Published: September 4, 2024

Security Bulletin ID SB2024090403
Severity
Low
Patch available
YES
Number of vulnerabilities 14
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 14 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2024-26946)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the can_probe() function in arch/x86/kernel/kprobes/core.c. A local user can perform a denial of service (DoS) attack.


2) Improper locking (CVE-ID: CVE-2024-35839)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nf_reject6_fill_skb_dst() and nf_send_reset6() functions in net/ipv6/netfilter/nf_reject_ipv6.c, within the nf_reject_fill_skb_dst() and nf_send_reset() functions in net/ipv4/netfilter/nf_reject_ipv4.c, within the br_nf_pre_routing_finish_ipv6() function in net/bridge/br_netfilter_ipv6.c, within the br_nf_pre_routing_finish_bridge(), br_nf_ipv4_daddr_was_changed(), bridge_parent_rtable(), skb_dst_set_noref(), setup_pre_routing(), br_nf_forward_finish(), ip_sabotage_in() and br_nf_pre_routing_finish_bridge_slow() functions in net/bridge/br_netfilter_hooks.c. A local user can perform a denial of service (DoS) attack.


3) Improper locking (CVE-ID: CVE-2024-35895)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.


4) Input validation error (CVE-ID: CVE-2024-35875)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the setup_arch() function in arch/x86/kernel/setup.c, within the cc_mkdec() function in arch/x86/coco/core.c. A local user can perform a denial of service (DoS) attack.


5) Use-after-free (CVE-ID: CVE-2024-38570)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gfs2_gl_hash_clear() function in fs/gfs2/super.c, within the init_sbd() function in fs/gfs2/ops_fstype.c, within the gdlm_ast(), gdlm_bast() and gdlm_put_lock() functions in fs/gfs2/lock_dlm.c, within the glock_blocked_by_withdraw() and gfs2_gl_hash_clear() functions in fs/gfs2/glock.c. A local user can escalate privileges on the system.


6) Out-of-bounds read (CVE-ID: CVE-2024-38540)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bnxt_qplib_create_qp() function in drivers/infiniband/hw/bnxt_re/qplib_fp.c. A local user can perform a denial of service (DoS) attack.


7) NULL pointer dereference (CVE-ID: CVE-2024-39502)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ionic_qcq_enable() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.


8) Improper error handling (CVE-ID: CVE-2024-40914)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the unpoison_memory() function in mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.


9) Use-after-free (CVE-ID: CVE-2024-40956)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the irq_process_work_list() function in drivers/dma/idxd/irq.c. A local user can escalate privileges on the system.


10) Resource management error (CVE-ID: CVE-2024-40978)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the qedi_dbg_do_not_recover_cmd_read() function in drivers/scsi/qedi/qedi_debugfs.c. A local user can perform a denial of service (DoS) attack.


11) Resource management error (CVE-ID: CVE-2024-40983)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the tipc_rcv() function in net/tipc/node.c. A local user can perform a denial of service (DoS) attack.


12) Input validation error (CVE-ID: CVE-2024-41044)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ppp_read() and ppp_write() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.


13) Integer overflow (CVE-ID: CVE-2024-42102)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the wb_dirty_limits() function in mm/page-writeback.c. A local user can execute arbitrary code.


14) Integer overflow (CVE-ID: CVE-2024-42131)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the domain_dirty_limits(), node_dirty_limit(), dirty_background_bytes_handler() and dirty_bytes_handler() functions in mm/page-writeback.c. A local user can execute arbitrary code.


Remediation

Install update from vendor's website.

References