RHEL 9 : kernel (RHSA-2024:1881)

high Nessus Plugin ID 193474

Synopsis

The remote Red Hat host is missing one or more security updates for kernel.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1881 advisory.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)

* kernel: tls: use-after-free with partial reads and async decrypt (CVE-2024-26582)

* kernel: tls: handle backlogging of crypto requests (CVE-2024-26584)

* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)

Bug Fix(es):

* [Lenovo RHEL9] Realtek patch for P1 G6 Audio (BZ#2208068)

* Please integrate commit b949ee6801f4 (powerpc/fadump: invoke ibm,os-term with rtas_call_unlocked()) (JIRA:RHEL-17106)

* PVT:1050:XM:Nimitz Linux EEH Nimitz - After FATAL Injection BIT 13 on D10 Register, unable to see the htx traffic status after long time (JIRA:RHEL-22413)

* RHEL9.2 - Performance Degradation in the Case of Asymmetric Scheduler Domains in Linux (JIRA:RHEL-24862)

* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (JIRA:RHEL-29186)

* kernel NULL pointer dereference from nvme_fc_io_getuuid+0xc/0x30 [nvme_fc] (JIRA:RHEL-29221)

* sched_setaffinity(2) returns undocumented error ENODEV (JIRA:RHEL-21140)

* kernel: tls: use-after-free with partial reads and async decrypt (JIRA:RHEL-26396)

* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (JIRA:RHEL-27840)

* sched_setaffinity(2) doesn't return -1 for an empty mask (JIRA:RHEL-29540)

* [EMR] [TBOOT OS] SUT could not go to S3 state with RHEL 9.2 Tboot OS One CPU return -16 running BUSY (JIRA:RHEL-29665)

* ipoib mcast lockup fix (JIRA:RHEL-29923)

* ice 0000:6f:00.0: PTP failed to get time (JIRA:RHEL-30108)

* blk-mq: don't schedule blk-mq kworkers on isolated CPUs (JIRA:RHEL-30418)

* kernel: tls: handle backlogging of crypto requests (JIRA:RHEL-30450)

* Kernel panic in skb_segment (JIRA:RHEL-30561)

* [IBM 9.4 FEAT] Update IBM vNIC Driver (ibmvnic) (JIRA:RHEL-28648)

* SCTP OOTB scenario in OVS/Netfilter where the SCTP connection can not be recovered by HB_REQ/HB_ACK (JIRA:RHEL-29949)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL kernel package based on the guidance in RHSA-2024:1881.

See Also

http://www.nessus.org/u?827bb0fb

https://access.redhat.com/security/updates/classification/#moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2250843

https://bugzilla.redhat.com/show_bug.cgi?id=2265518

https://bugzilla.redhat.com/show_bug.cgi?id=2265519

https://bugzilla.redhat.com/show_bug.cgi?id=2265645

https://access.redhat.com/errata/RHSA-2024:1881

Plugin Details

Severity: High

ID: 193474

File Name: redhat-RHSA-2024-1881.nasl

Version: 1.3

Type: local

Agent: unix

Published: 4/18/2024

Updated: 11/7/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26582

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:redhat:rhel_eus:9.2, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules, p-cpe:/a:redhat:enterprise_linux:kernel-debug-uki-virt, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs, p-cpe:/a:redhat:enterprise_linux:perf, p-cpe:/a:redhat:enterprise_linux:bpftool, p-cpe:/a:redhat:enterprise_linux:kernel-tools, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump, p-cpe:/a:redhat:enterprise_linux:kernel-64k, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel, p-cpe:/a:redhat:enterprise_linux:kernel-uki-virt, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:kernel-modules, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules, p-cpe:/a:redhat:enterprise_linux:kernel-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:python3-perf, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-devel-matched, p-cpe:/a:redhat:enterprise_linux:rtla, p-cpe:/a:redhat:enterprise_linux:kernel-64k-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel-matched

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 4/18/2024

Vulnerability Publication Date: 2/4/2024

Reference Information

CVE: CVE-2023-6240, CVE-2024-26582, CVE-2024-26584, CVE-2024-26586, CVE-2024-35890

CWE: 203, 393, 416

RHSA: 2024:1881