Detections
Analytics
RHEL 8 : kernel (RHSA-2024:1607)
high Nessus Plugin ID 192854
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1607 advisory.The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)
* kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size (CVE-2023-6931)
* kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546,ZDI-CAN-20527)
* kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (CVE-2024-0565)
* kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (CVE-2023-51042)
* kernel: ext4: kernel bug in ext4_write_inline_data_end() (CVE-2021-33631)
* kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)
Bug Fix(es):
* OCP 4.12 crashed due to use-after-free in libceph in rhel8 (JIRA:RHEL-21394)
* kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (JIRA:RHEL-24010)
* Screen floods with random colour suggesting something not initialised (JIRA:RHEL-21055)
* kernel: vmxgfx: NULL pointer dereference in vmw_cmd_dx_define_query (JIRA:RHEL-22766)
* tx-checksumming required for accessing port in OpenShift for RHEL 8.6 (JIRA:RHEL-20822)
* kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (JIRA:RHEL-22077)
* kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size (JIRA:RHEL-22930)
* rbd: don't move requests to the running list on errors [8.x] (JIRA:RHEL-24204)
* kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (JIRA:RHEL-24479)
* ceph: several cap and snap fixes (JIRA:RHEL-20909)
* [RHVH] Migration hangs between RHVH release bellow 4.5.1 and RHVH over or equal 4.5.2 release (JIRA:RHEL-23063)
* unable to access smsc95xx based interface unless you start outgoing traffic. (JIRA:RHEL-25719)
* [RHEL8] ] BUG bio-696 (Not tainted): Poison overwritten (JIRA:RHEL-26101)
* kernel: GSM multiplexing race condition leads to privilege escalation (JIRA:RHEL-19954)
* backport smartpqi: fix disable_managed_interrupts (JIRA:RHEL-26139)
* kernel: ext4: kernel bug in ext4_write_inline_data_end() (JIRA:RHEL-26331)
* ceph: always check dir caps asynchronously (JIRA:RHEL-27496)
Enhancement(s):
* [IBM 8.10 FEAT] Upgrade the qeth driver to latest from upstream, e.g. kernel 6.4 (JIRA:RHEL-25811)
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://www.nessus.org/u?d2ed0c60
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2133452
https://bugzilla.redhat.com/show_bug.cgi?id=2252731
https://bugzilla.redhat.com/show_bug.cgi?id=2255498
https://bugzilla.redhat.com/show_bug.cgi?id=2258518
https://bugzilla.redhat.com/show_bug.cgi?id=2259866
https://bugzilla.redhat.com/show_bug.cgi?id=2261976
Plugin Details
Severity: High
ID: 192854
File Name: redhat-RHSA-2024-1607.nasl
Version: 1.6
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 4/2/2024
Updated: 6/3/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.6
CVSS v2
Risk Factor: High
Base Score: 7.7
Temporal Score: 6.7
Vector: CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2024-0565
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2024-1086
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:kernel-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel, p-cpe:/a:redhat:enterprise_linux:kernel-tools, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core, p-cpe:/a:redhat:enterprise_linux:kernel, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-modules, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers, p-cpe:/a:redhat:enterprise_linux:kernel-core, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs, p-cpe:/a:redhat:enterprise_linux:perf, p-cpe:/a:redhat:enterprise_linux:bpftool, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:python3-perf
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/2/2024
Vulnerability Publication Date: 9/9/2022
CISA Known Exploited Vulnerability Due Dates: 6/20/2024
Exploitable With
Core Impact
Reference Information
CVE: CVE-2021-33631, CVE-2022-38096, CVE-2023-51042, CVE-2023-6546, CVE-2023-6931, CVE-2024-0565, CVE-2024-1086