Red Hat alert RHSA-2024:9498-01 (kernel-rt)
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522) * kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640) * kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656) * kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (CVE-2024-26772) * kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906) * kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870) * kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (CVE-2024-31076) * kernel: mptcp: ensure snd_una is properly initialized on connect (CVE-2024-40931) * kernel: firmware: cs_dsp: Fix overflow checking of wmfw header (CVE-2024-41039) * kernel: net/iucv: fix use after free in iucv_sock_close() (CVE-2024-42271) * kernel: mptcp: pm: Fix uaf in __timer_delete_sync (CVE-2024-46858) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.Original: https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_9498.json