[ALSA-2024:3627] Moderate: kernel-rt security and bug fix update
Type:
security
Severity:
moderate
Release date:
2024-06-05
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340) * kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744) * kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593) * kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445) * kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603) * kernel: use after free in i2c (CVE-2019-25162) * kernel: i2c: validate user data in compat ioctl (CVE-2021-46934) * kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777) * kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477) * kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055) * kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615) * kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627) * kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307) * kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565) * kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578) * kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528) * kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520) * kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513) * kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118) * kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610) * kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643) * kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642) * kernel: i2c: i801: Don't generate an interrupt on bus reset (CVE-2021-47153) * kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659) * kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664) * kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779) * kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744) * kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743) * kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185) * kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901) * kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872) * kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919) * kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964) * kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934) * kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933) * kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993) * kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973) * kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059) Bug Fix(es): * kernel-rt: update RT source tree to the latest AlmaLinux-8.10.z kernel (JIRA:AlmaLinux-34640) * kernel-rt: epoll_wait not reporting catching all events to application (JIRA:AlmaLinux-23022)
Updated packages listed below:
Architecture Package Checksum
x86_64 kernel-rt-modules-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm 0a201510ab4531859baf5225649d95e26d20857ed4b19c66b3644b761091924b
x86_64 kernel-rt-debug-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm 11874e743e5547157977bea6f63f7629ce418bab6ac82db9a1683a0ce9095eaf
x86_64 kernel-rt-core-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm 11b9c6bd692ad5af5faba41fae8ccc5145bb018d6b448f0a71de3fbaf693c92b
x86_64 kernel-rt-modules-extra-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm 2fd752a54f7601df10a8d5380d50920060fbddd604cc70a417589098b5ffb966
x86_64 kernel-rt-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm 3e647e5240d4a2de96dd810c244192a7d7bc6fb0ba6400b33ea15593f8e29eb9
x86_64 kernel-rt-kvm-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm 9920be18159ff1e05157bf7df8c411df4c84215952d466830452c8757f7e9753
x86_64 kernel-rt-debug-devel-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm a17b0d453aeb2057c85793c25b083c25eac3f3bda1c9daca66e26562363c156c
x86_64 kernel-rt-debug-core-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm af31f6d8005f935c5e23687f7e1d1e5be06a18753652ee8f0064c67455203a75
x86_64 kernel-rt-devel-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm b6aadd177521f2414be47aea4cb3729bf3caf490295410918712b5207f1ba5c7
x86_64 kernel-rt-debug-modules-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm be8ec3645ce02dfa2cfd5d7b6f3464b0ea8cae24576ff7d787e37e4975b56950
x86_64 kernel-rt-debug-modules-extra-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm c0e9be5a981b4bcfa01329d19741b853a99ecb523b72b837cff60953906e9d85
x86_64 kernel-rt-debug-kvm-4.18.0-553.5.1.rt7.346.el8_10.x86_64.rpm ec390f44a811a7e97f19d4cf7dfbf3782ce715614df7034867103107bec9a0da
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.