SB2024112605 - Red Hat Enterprise Linux 8 update for kernel
Published: November 26, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 22 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2021-4204)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary condition in Linux kernel eBPF. A local user trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.
2) Security restrictions bypass (CVE-ID: CVE-2022-23222)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to availability of pointer arithmetic via certain *_OR_NULL pointer types in kernel/bpf/verifier.c in the Linux kernel. A local user can run a specially crafted program to execute arbitrary code with root privileges.
3) Out-of-bounds write (CVE-ID: CVE-2022-0500)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in unrestricted eBPF usage by the BPF_BTF_LOAD in Linux kernel. A local user can trigger an out-of-bounds write error in BPF subsystem and execute arbitrary code with elevated privileges.
4) Memory leak (CVE-ID: CVE-2023-0597)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to memory leak within the Linux kernel cpu_entry_area mapping of X86 CPU data. A local user can gain access to sensitive information.
5) Race condition (CVE-ID: CVE-2023-52489)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the section_deactivate() function in mm/sparse.c. A local user can exploit the race and escalate privileges on the system.
6) Buffer overflow (CVE-ID: CVE-2024-26671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_mq_mark_tag_wait() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
7) Use-after-free (CVE-ID: CVE-2024-26961)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_llsec_key_del_rcu() function in net/mac802154/llsec.c. A local user can escalate privileges on the system.
8) Use-after-free (CVE-ID: CVE-2022-48686)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_tcp_io_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.
9) Buffer overflow (CVE-ID: CVE-2024-35823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vc_uniscr_delete() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.
10) Out-of-bounds read (CVE-ID: CVE-2021-47393)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mlxreg_fan_set_cur_state() function in drivers/hwmon/mlxreg-fan.c. A local user can perform a denial of service (DoS) attack.
11) Race condition (CVE-ID: CVE-2021-47461)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the userfaultfd_writeprotect() function in fs/userfaultfd.c. A local user can escalate privileges on the system.
12) Buffer overflow (CVE-ID: CVE-2024-36920)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mpi3mr_bsg_process_mpt_cmds() function in drivers/scsi/mpi3mr/mpi3mr_app.c. A local user can perform a denial of service (DoS) attack.
13) Use of uninitialized resource (CVE-ID: CVE-2024-36889)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
14) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-38564)
The vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due to improper checks within with bpf_prog_attach_check_attach_type() function in kernel/bpf/syscall.c. A local user can bypass certain security restrictions.
15) Memory leak (CVE-ID: CVE-2024-31076)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the migrate_one_irq() function in kernel/irq/cpuhotplug.c, within the __send_cleanup_vector(), irq_complete_move() and irq_force_complete_move() functions in arch/x86/kernel/apic/vector.c. A local user can perform a denial of service (DoS) attack.
16) Resource management error (CVE-ID: CVE-2024-40988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sumo_construct_vid_mapping_table() function in drivers/gpu/drm/radeon/sumo_dpm.c. A local user can perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2022-48773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rpcrdma_ep_create() function in net/sunrpc/xprtrdma/verbs.c. A local user can perform a denial of service (DoS) attack.
18) Input validation error (CVE-ID: CVE-2024-41009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __aligned(), bpf_ringbuf_alloc(), bpf_ringbuf_restore_from_rec() and __bpf_ringbuf_reserve() functions in kernel/bpf/ringbuf.c. A local user can perform a denial of service (DoS) attack.
19) Out-of-bounds read (CVE-ID: CVE-2024-41014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xlog_recover_process_data() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.
20) Memory leak (CVE-ID: CVE-2024-41023)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the enqueue_task_dl() function in kernel/sched/deadline.c. A local user can perform a denial of service (DoS) attack.
21) Out-of-bounds read (CVE-ID: CVE-2022-48929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btf_check_func_arg_match() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
22) Use-after-free (CVE-ID: CVE-2024-46858)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mptcp_pm_del_add_timer() and remove_anno_list_by_saddr() functions in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.