RHEL 8 : kernel (RHSA-2024:1607)

high Nessus Plugin ID 192854

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1607 advisory.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)

* kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size (CVE-2023-6931)

* kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546,ZDI-CAN-20527)

* kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (CVE-2024-0565)

* kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (CVE-2023-51042)

* kernel: ext4: kernel bug in ext4_write_inline_data_end() (CVE-2021-33631)

* kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)

Bug Fix(es):

* OCP 4.12 crashed due to use-after-free in libceph in rhel8 (JIRA:RHEL-21394)

* kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (JIRA:RHEL-24010)

* Screen floods with random colour suggesting something not initialised (JIRA:RHEL-21055)

* kernel: vmxgfx: NULL pointer dereference in vmw_cmd_dx_define_query (JIRA:RHEL-22766)

* tx-checksumming required for accessing port in OpenShift for RHEL 8.6 (JIRA:RHEL-20822)

* kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (JIRA:RHEL-22077)

* kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size (JIRA:RHEL-22930)

* rbd: don't move requests to the running list on errors [8.x] (JIRA:RHEL-24204)

* kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (JIRA:RHEL-24479)

* ceph: several cap and snap fixes (JIRA:RHEL-20909)

* [RHVH] Migration hangs between RHVH release bellow 4.5.1 and RHVH over or equal 4.5.2 release (JIRA:RHEL-23063)

* unable to access smsc95xx based interface unless you start outgoing traffic. (JIRA:RHEL-25719)

* [RHEL8] ] BUG bio-696 (Not tainted): Poison overwritten (JIRA:RHEL-26101)

* kernel: GSM multiplexing race condition leads to privilege escalation (JIRA:RHEL-19954)

* backport smartpqi: fix disable_managed_interrupts (JIRA:RHEL-26139)

* kernel: ext4: kernel bug in ext4_write_inline_data_end() (JIRA:RHEL-26331)

* ceph: always check dir caps asynchronously (JIRA:RHEL-27496)

Enhancement(s):

* [IBM 8.10 FEAT] Upgrade the qeth driver to latest from upstream, e.g. kernel 6.4 (JIRA:RHEL-25811)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?fd0eae66

https://access.redhat.com/security/updates/classification/#important

https://bugzilla.redhat.com/show_bug.cgi?id=2133452

https://bugzilla.redhat.com/show_bug.cgi?id=2252731

https://bugzilla.redhat.com/show_bug.cgi?id=2255498

https://bugzilla.redhat.com/show_bug.cgi?id=2258518

https://bugzilla.redhat.com/show_bug.cgi?id=2259866

https://bugzilla.redhat.com/show_bug.cgi?id=2261976

https://bugzilla.redhat.com/show_bug.cgi?id=2262126

https://access.redhat.com/errata/RHSA-2024:1607

Plugin Details

Severity: High

ID: 192854

File Name: redhat-RHSA-2024-1607.nasl

Version: 1.7

Type: local

Agent: unix

Published: 4/2/2024

Updated: 11/7/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.6

Vendor

Vendor Severity: Important

CVSS v2

Risk Factor: High

Base Score: 7.7

Temporal Score: 6.7

Vector: CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-0565

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2024-1086

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers, p-cpe:/a:redhat:enterprise_linux:kernel-core, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs, p-cpe:/a:redhat:enterprise_linux:perf, p-cpe:/a:redhat:enterprise_linux:bpftool, p-cpe:/a:redhat:enterprise_linux:kernel-tools, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core, p-cpe:/a:redhat:enterprise_linux:kernel, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-modules, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:python3-perf

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/2/2024

Vulnerability Publication Date: 9/9/2022

CISA Known Exploited Vulnerability Due Dates: 6/20/2024

Exploitable With

Core Impact

Reference Information

CVE: CVE-2021-33631, CVE-2022-38096, CVE-2023-51042, CVE-2023-6546, CVE-2023-6931, CVE-2024-0565, CVE-2024-1086

CWE: 190, 191, 416, 476, 787

RHSA: 2024:1607