Skip to main content

RedHat Linux Kernel Multiple Vulnerabilities

Last Update Date: 31 May 2024 Release Date: 8 Feb 2024 9005 Views

RISK: Medium Risk

TYPE: Operating Systems - Linux

TYPE: Linux

Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

 

Notes:

CVE-2024-1086 is being exploited in the wild. It is related to use-after-free vulnerability in the netfilter: nf_tables component. Local attackers could exploit this flaw to elevate privileges from a regular user to root. The risk level remain medium risk.

 

[Updated on 2024-02-19] 

Updated System / Technologies affected, Solutions and Related Links.

 

[Updated on 2024-02-23] 

Updated Solutions, Vulnerability Identifier and Related Links.

 

[Updated on 2024-05-31]

Updated Description.


Impact

  • Denial of Service
  • Remote Code Execution
  • Elevation of Privilege
  • Information Disclosure
  • Security Restriction Bypass
  • Data Manipulation

System / Technologies affected

  • Kernel Module Management 2 for RHEL 9 x86_64
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64
  • Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Virtualization Host 4 for RHEL 8 x86_64

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link