RedHat Linux Kernel Multiple Vulnerabilities

Release Date: 11 Mar 2025 346 Views

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.

Note:

CVE-2024-50302 is being exploited in the wild. This vulnerability allows an attacker to use a malicious input device to read information from the report buffer. This could be used to leak kernel memory, enabling the exploitation of additional vulnerabilities. Since the exploitation requires physical connection to malicious hardware, the risk level remains Medium.

Impact

Denial of Service
Information Disclosure
Elevation of Privilege

System / Technologies affected

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux Server - TUS 8.6 x86_64
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Redhat