What Are You Looking For?

Popular Tags

Sign Up
{"type":"TYPE_SECURITY","shortCode":"RL","name":"RLSA-2023:3819","synopsis":"Moderate: kernel-rt security and bug fix update","severity":"SEVERITY_MODERATE","topic":"An update is available for kernel-rt.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list","description":"The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference (CVE-2023-28466)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the Rocky Linux-8.8.z1 source tree. (BZ#2210299)","solution":null,"affectedProducts":["Rocky Linux 8"],"fixes":[{"ticket":"2179000","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2179000","description":""}],"cves":[{"name":"CVE-2023-28466","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-28466","cvss3ScoringVector":"CVSS:3.1\/AV:L\/AC:H\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"7.0","cwe":"CWE-416"}],"references":[],"publishedAt":"2023-08-31T16:54:43.486628Z","rpms":{"Rocky Linux 8":{"nvras":["kernel-rt-0:4.18.0-477.15.1.rt7.278.el8_8.src.rpm","kernel-rt-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-core-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debug-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debug-core-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debug-debuginfo-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debug-devel-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debuginfo-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debug-kvm-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debug-modules-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-debug-modules-extra-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-devel-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-kvm-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-modules-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm","kernel-rt-modules-extra-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm"]}},"rebootSuggested":false,"buildReferences":[]}

Rocky Linux: RLSA-2023:3819 kernel-rt security and bug fix update

August 31, 2023
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Summary

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference (CVE-2023-28466) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the Rocky Linux-8.8.z1 source tree. (BZ#2210299)

RPMs

kernel-rt-0:4.18.0-477.15.1.rt7.278.el8_8.src.rpm

kernel-rt-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-core-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debug-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debug-core-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debug-debuginfo-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debug-devel-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debuginfo-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debug-kvm-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debug-modules-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-debug-modules-extra-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-devel-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-kvm-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-modules-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

kernel-rt-modules-extra-0:4.18.0-477.15.1.rt7.278.el8_8.x86_64.rpm

References

No References

CVEs

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28466

Severity
Name: RLSA-2023:3819
Affected Products: Rocky Linux 8

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2179000


Related News

Long-term Support for Linux Kernel to Be Cut as Maintenance Remains Under Strain

Sep 21, 2023

Critical Node.js Info Disclosure, Code Execution Bugs Fixed

Sep 23, 2023

GitHub Makes Passkeys Security Feature Available to All

Sep 23, 2023

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison
Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge
Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux
Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Footer Logo

Feedback