{"id":"ALSA-2024:3627","summary":"Moderate: kernel-rt security and bug fix update","details":"The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)\n* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)\n* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)\n* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)\n* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)\n* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)\n* kernel: use after free in i2c (CVE-2019-25162)\n* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)\n* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)\n* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)\n* kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)\n* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615)\n* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)\n* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)\n* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)\n* kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)\n* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)\n* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)\n* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)\n* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)\n* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)\n* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)\n* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)\n* kernel: i2c: i801: Don't generate an interrupt on bus reset (CVE-2021-47153)\n* kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659)\n* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)\n* kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779)\n* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)\n* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)\n* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)\n* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)\n* kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)\n* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)\n* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)\n* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)\n* kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933)\n* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)\n* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)\n* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest AlmaLinux-8.10.z kernel (JIRA:AlmaLinux-34640)\n* kernel-rt: epoll_wait not reporting catching all events to application (JIRA:AlmaLinux-23022)","modified":"2026-02-04T03:17:51.704938Z","published":"2024-06-05T00:00:00Z","related":["CVE-2019-25162","CVE-2020-36777","CVE-2021-46934","CVE-2021-47055","CVE-2021-47118","CVE-2021-47153","CVE-2021-47185","CVE-2022-48627","CVE-2023-52445","CVE-2023-52477","CVE-2023-52513","CVE-2023-52520","CVE-2023-52528","CVE-2023-52565","CVE-2023-52578","CVE-2023-52610","CVE-2023-6240","CVE-2024-0340","CVE-2024-23307","CVE-2024-25744","CVE-2024-26593","CVE-2024-26603","CVE-2024-26615","CVE-2024-26642","CVE-2024-26643","CVE-2024-26659","CVE-2024-26664","CVE-2024-26743","CVE-2024-26744","CVE-2024-26779","CVE-2024-26872","CVE-2024-26901","CVE-2024-26919","CVE-2024-26933","CVE-2024-26934","CVE-2024-26964","CVE-2024-26973","CVE-2024-26993","CVE-2024-27059"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:3627"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-25162"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-36777"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-46934"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-47013"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-47055"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-47118"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-47153"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-47171"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-47185"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-48627"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52439"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52445"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52477"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52513"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52520"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52528"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52565"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52578"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52594"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52595"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-52610"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-6240"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-0340"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-23307"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-25744"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26593"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26603"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26610"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26615"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26642"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26643"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26659"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26664"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26693"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26694"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26743"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26744"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26779"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26872"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26892"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26897"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26901"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26919"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26933"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26934"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26964"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26973"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-26993"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-27014"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-27048"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-27052"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-27056"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-27059"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2250843"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2257406"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2263875"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2265271"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2265646"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2265654"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2265833"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2266296"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2266446"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2266746"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2266841"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267038"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267185"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267355"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267509"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267705"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267724"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267758"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267789"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267797"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2267804"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2268315"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2268317"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2269213"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2269856"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2270080"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2270879"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2270881"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2271469"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2271476"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2272780"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2272791"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2273092"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2273094"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2273223"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2273260"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2273262"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2274624"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2275645"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2275655"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2275666"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2275707"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2275777"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278169"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278237"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278240"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278314"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278356"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278398"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278409"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278417"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2278431"},{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2024-3627.html"}],"affected":[{"package":{"name":"kernel-rt","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-core","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-debug","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-debug"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-debug-core","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-debug-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-debug-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-debug-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-debug-kvm","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-debug-kvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-debug-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-debug-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-debug-modules-extra","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-debug-modules-extra"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-kvm","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-kvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}},{"package":{"name":"kernel-rt-modules-extra","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-rt-modules-extra"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.5.1.rt7.346.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:3627.json"}}],"schema_version":"1.7.3"}