CVE-2022-48936 (GCVE-0-2022-48936)
Vulnerability from cvelistv5 – Published: 2024-08-22 03:31 – Updated: 2024-08-31 05:37
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2024-08-31T05:37:21.787Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48936",
"datePublished": "2024-08-22T03:31:30.847Z",
"dateRejected": "2024-08-31T05:37:21.787Z",
"dateReserved": "2024-08-22T01:27:53.622Z",
"dateUpdated": "2024-08-31T05:37:21.787Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"cna\": {\"rejectedReasons\": [{\"lang\": \"en\", \"value\": \"This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-08-31T05:37:21.787Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-48936\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"state\": \"REJECTED\", \"assignerShortName\": \"Linux\", \"dateReserved\": \"2024-08-22T01:27:53.622Z\", \"datePublished\": \"2024-08-22T03:31:30.847Z\", \"dateUpdated\": \"2024-08-31T05:37:21.787Z\", \"dateRejected\": \"2024-08-31T05:37:21.787Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-FRR7-RGVG-V3P9
Vulnerability from github – Published: 2024-08-22 06:30 – Updated: 2024-08-22 21:31
In the Linux kernel, the following vulnerability has been resolved:
gso: do not skip outer ip header in case of ipip and net_failover
We encounter a tcp drop issue in our cloud environment. Packet GROed in host forwards to a VM virtio_net nic with net_failover enabled. VM acts as an IPVS LB with ipip encapsulation. The full path like:
  host gro -> vm virtio_net rx -> net_failover rx -> ipvs fullnat -> ipip encap -> net_failover tx -> virtio_net tx
When net_failover transmits an ipip pkt (gso_type = 0x0103, which means SKB_GSO_TCPV4, SKB_GSO_DODGY and SKB_GSO_IPXIP4), no gso is done because it supports TSO and GSO_IPXIP4. But network_header points to inner ip header.
Call Trace:
  tcp4_gso_segment ------> return NULL
  inet_gso_segment ------> inner iph, network_header points to
  ipip_gso_segment
  inet_gso_segment ------> outer iph
  skb_mac_gso_segment
Afterwards virtio_net transmits the pkt, only inner ip header is modified. And the outer one just keeps unchanged. The pkt will be dropped in remote host.
Call Trace:
  inet_gso_segment ------> inner iph, outer iph is skipped
  skb_mac_gso_segment
  __skb_gso_segment
  validate_xmit_skb
  validate_xmit_skb_list
  sch_direct_xmit
  __qdisc_run
  __dev_queue_xmit ------> virtio_net
  dev_hard_start_xmit
  __dev_queue_xmit ------> net_failover
  ip_finish_output2
  ip_output
  iptunnel_xmit
  ip_tunnel_xmit
  ipip_tunnel_xmit ------> ipip
  dev_hard_start_xmit
  __dev_queue_xmit
  ip_finish_output2
  ip_output
  ip_forward
  ip_rcv
  __netif_receive_skb_one_core
  netif_receive_skb_internal
  napi_gro_receive
  receive_buf
  virtnet_poll
  net_rx_action
The root cause of this issue is specific with the rare combination of SKB_GSO_DODGY and a tunnel device that adds an SKB_GSO_ tunnel option. SKB_GSO_DODGY is set from external virtio_net. We need to reset network header when callbacks.gso_segment() returns NULL.
This patch also includes ipv6_gso_segment(), considering SIT, etc.
{
"affected": [],
"aliases": [
"CVE-2022-48936"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-22T04:15:16Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ngso: do not skip outer ip header in case of ipip and net_failover\n\nWe encounter a tcp drop issue in our cloud environment. Packet GROed in\nhost forwards to a VM virtio_net nic with net_failover enabled. VM acts\nas a IPVS LB with ipip encapsulation. The full path like:\nhost gro -\u003e vm virtio_net rx -\u003e net_failover rx -\u003e ipvs fullnat\n -\u003e ipip encap -\u003e net_failover tx -\u003e virtio_net tx\n\nWhen net_failover transmits a ipip pkt (gso_type = 0x0103, which means\nSKB_GSO_TCPV4, SKB_GSO_DODGY and SKB_GSO_IPXIP4), there is no gso\ndid because it supports TSO and GSO_IPXIP4. But network_header points to\ninner ip header.\n\nCall Trace:\n tcp4_gso_segment ------\u003e return NULL\n inet_gso_segment ------\u003e inner iph, network_header points to\n ipip_gso_segment\n inet_gso_segment ------\u003e outer iph\n skb_mac_gso_segment\n\nAfterwards virtio_net transmits the pkt, only inner ip header is modified.\nAnd the outer one just keeps unchanged. The pkt will be dropped in remote\nhost.\n\nCall Trace:\n inet_gso_segment ------\u003e inner iph, outer iph is skipped\n skb_mac_gso_segment\n __skb_gso_segment\n validate_xmit_skb\n validate_xmit_skb_list\n sch_direct_xmit\n __qdisc_run\n __dev_queue_xmit ------\u003e virtio_net\n dev_hard_start_xmit\n __dev_queue_xmit ------\u003e net_failover\n ip_finish_output2\n ip_output\n iptunnel_xmit\n ip_tunnel_xmit\n ipip_tunnel_xmit ------\u003e ipip\n dev_hard_start_xmit\n __dev_queue_xmit\n ip_finish_output2\n ip_output\n ip_forward\n ip_rcv\n __netif_receive_skb_one_core\n netif_receive_skb_internal\n napi_gro_receive\n receive_buf\n virtnet_poll\n net_rx_action\n\nThe root cause of this issue is specific with the rare combination of\nSKB_GSO_DODGY and a tunnel device that adds an SKB_GSO_ tunnel option.\nSKB_GSO_DODGY is set from external virtio_net. We need to reset network\nheader when callbacks.gso_segment() returns NULL.\n\nThis patch also includes ipv6_gso_segment(), considering SIT, etc.",
"id": "GHSA-frr7-rgvg-v3p9",
"modified": "2024-08-22T21:31:29Z",
"published": "2024-08-22T06:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48936"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2b3cdd70ea5f5a694f95ea1788393fb3b83071ea"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/45d006c2c7ed7baf1fa258fa7b5bc9923d3a983e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7840e559799a08a8588ee6de27516a991cb2e5e7"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/899e56a1ad435261812355550ae869d8be3df395"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a739963f43269297c3f438b776194542e2a97499"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cc20cced0598d9a5ff91ae4ab147b3b5e99ee819"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dac2490d9ee0b89dffc72f1172b8bbeb60eaec39"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e9ffbe63f6f32f526a461756309b61c395168d73"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
cve-2022-48936
Vulnerability from osv_almalinux
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)
- kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)
- kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)
- kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
- kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)
- kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)
- kernel: nouveau: lock the client object tree. (CVE-2024-27062)
- kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)
- kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
- kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)
- kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
- kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
- kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)
- kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
- kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)
- kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)
- kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)
- kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
- kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)
- kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)
- kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
- kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)
- kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)
- kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)
- kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)
- kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)
- kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)
- kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)
- kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)
- kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)
- kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)
- kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)
- kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)
- kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)
- kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)
- kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)
- kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)
- kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)
- kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)
- kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)
- kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)
- kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-rt-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.rt7.368.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. \n\nSecurity Fix(es): \n\n * kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)\n * kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)\n * kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)\n * kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)\n * kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)\n * kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)\n * kernel: nouveau: lock the client object tree. (CVE-2024-27062)\n * kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)\n * kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)\n * kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)\n * kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)\n * kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)\n * kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)\n * kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)\n * kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)\n * kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)\n * kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)\n * kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)\n * kernel: ACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\" (CVE-2024-40984)\n * kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)\n * kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)\n * kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)\n * kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)\n * kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)\n * kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)\n * kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)\n * kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)\n * kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)\n * kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)\n * kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)\n * kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)\n * kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)\n * kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)\n * kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)\n * kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)\n * kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)\n * kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)\n * kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)\n * kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)\n * kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)\n * kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)\n * kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2024:8870",
"modified": "2024-11-06T09:52:31Z",
"published": "2024-11-05T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-48773"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-48936"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-52492"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-24857"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-26851"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-26924"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-26976"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-27017"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-27062"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-35839"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-35898"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-35939"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38540"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38541"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38586"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38608"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-39503"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40924"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40961"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40983"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40984"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41009"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41042"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41066"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41092"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41093"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42070"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42079"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42244"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42284"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42292"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42301"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43854"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43880"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43889"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43892"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-44935"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-44989"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-44990"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-45018"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-46826"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47668"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2266247"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2269183"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2275750"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2277168"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2278262"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2278350"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2278387"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2281284"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2281669"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2281817"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293356"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293402"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293458"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293459"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297475"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297508"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297545"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297567"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297568"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2298109"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2298412"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300412"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300442"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300487"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300488"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300508"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300517"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2307862"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2307865"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2307892"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2309852"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2309853"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2311715"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2315178"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2317601"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-8870.html"
}
],
"related": [
"CVE-2024-24857",
"CVE-2023-52492",
"CVE-2024-26851",
"CVE-2024-26924",
"CVE-2024-27017",
"CVE-2024-26976",
"CVE-2024-27062",
"CVE-2024-35839",
"CVE-2024-35898",
"CVE-2024-35939",
"CVE-2024-38608",
"CVE-2024-38586",
"CVE-2024-38541",
"CVE-2024-38540",
"CVE-2024-39503",
"CVE-2024-40924",
"CVE-2024-40961",
"CVE-2024-40983",
"CVE-2024-40984",
"CVE-2022-48773",
"CVE-2024-41009",
"CVE-2024-41042",
"CVE-2024-41066",
"CVE-2024-41092",
"CVE-2024-41093",
"CVE-2024-42070",
"CVE-2024-42079",
"CVE-2024-42244",
"CVE-2024-42284",
"CVE-2024-42292",
"CVE-2024-42301",
"CVE-2024-43854",
"CVE-2024-43880",
"CVE-2022-48936",
"CVE-2024-43889",
"CVE-2024-43892",
"CVE-2024-44935",
"CVE-2024-44989",
"CVE-2024-44990",
"CVE-2024-45018",
"CVE-2024-46826",
"CVE-2024-47668"
],
"summary": "Moderate: kernel-rt security update"
}
cve-2022-48936
Vulnerability from osv_almalinux
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)
- kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)
- kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)
- kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
- kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)
- kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)
- kernel: nouveau: lock the client object tree. (CVE-2024-27062)
- kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)
- kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
- kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)
- kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
- kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
- kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)
- kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
- kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)
- kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)
- kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)
- kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
- kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)
- kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)
- kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
- kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)
- kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)
- kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)
- kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)
- kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)
- kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)
- kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)
- kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)
- kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)
- kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)
- kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)
- kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)
- kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)
- kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)
- kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)
- kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)
- kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)
- kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)
- kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)
- kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)
- kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "bpftool"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-abi-stablelists"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-cross-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools-libs-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python3-perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-553.27.1.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel packages contain the Linux kernel, the core of any Linux operating system. \n\nSecurity Fix(es): \n\n * kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)\n * kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)\n * kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)\n * kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)\n * kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)\n * kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)\n * kernel: nouveau: lock the client object tree. (CVE-2024-27062)\n * kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)\n * kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)\n * kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)\n * kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)\n * kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)\n * kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)\n * kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)\n * kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)\n * kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)\n * kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)\n * kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)\n * kernel: ACPICA: Revert \u0026#34;ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0026#34; (CVE-2024-40984)\n * kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)\n * kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)\n * kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)\n * kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)\n * kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)\n * kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)\n * kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)\n * kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)\n * kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)\n * kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)\n * kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)\n * kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)\n * kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)\n * kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)\n * kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)\n * kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)\n * kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)\n * kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)\n * kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)\n * kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)\n * kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)\n * kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)\n * kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2024:8856",
"modified": "2024-11-06T09:58:25Z",
"published": "2024-11-05T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:8856"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-48773"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-48936"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-52492"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-24857"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-26851"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-26924"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-26976"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-27017"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-27062"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-35839"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-35898"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-35939"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38540"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38541"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38586"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-38608"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-39503"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40924"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40961"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40983"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-40984"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41009"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41042"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41066"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41092"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-41093"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42070"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42079"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42244"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42284"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42292"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-42301"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43854"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43880"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43889"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-43892"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-44935"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-44989"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-44990"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-45018"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-46826"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-47668"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2266247"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2269183"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2275750"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2277168"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2278262"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2278350"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2278387"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2281284"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2281669"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2281817"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293356"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293402"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293458"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2293459"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297475"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297508"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297545"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297567"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2297568"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2298109"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2298412"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300412"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300442"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300487"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300488"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300508"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2300517"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2307862"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2307865"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2307892"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2309852"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2309853"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2311715"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2315178"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2317601"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-8856.html"
}
],
"related": [
"CVE-2024-24857",
"CVE-2023-52492",
"CVE-2024-26851",
"CVE-2024-26924",
"CVE-2024-27017",
"CVE-2024-26976",
"CVE-2024-27062",
"CVE-2024-35839",
"CVE-2024-35898",
"CVE-2024-35939",
"CVE-2024-38608",
"CVE-2024-38586",
"CVE-2024-38541",
"CVE-2024-38540",
"CVE-2024-39503",
"CVE-2024-40924",
"CVE-2024-40961",
"CVE-2024-40983",
"CVE-2024-40984",
"CVE-2022-48773",
"CVE-2024-41009",
"CVE-2024-41042",
"CVE-2024-41066",
"CVE-2024-41092",
"CVE-2024-41093",
"CVE-2024-42070",
"CVE-2024-42079",
"CVE-2024-42244",
"CVE-2024-42284",
"CVE-2024-42292",
"CVE-2024-42301",
"CVE-2024-43854",
"CVE-2024-43880",
"CVE-2022-48936",
"CVE-2024-43889",
"CVE-2024-43892",
"CVE-2024-44935",
"CVE-2024-44989",
"CVE-2024-44990",
"CVE-2024-45018",
"CVE-2024-46826",
"CVE-2024-47668"
],
"summary": "Moderate: kernel security update"
}
FKIE_CVE-2022-48936
Vulnerability from fkie_nvd - Published: 2024-08-22 04:15 - Updated: 2024-08-31 06:15
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
],
"id": "CVE-2022-48936",
"lastModified": "2024-08-31T06:15:06.460",
"metrics": {},
"published": "2024-08-22T04:15:16.950",
"references": [],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Rejected"
}
CERTFR-2024-AVI-0956
Vulnerability from certfr_avis - Published: 2024-11-08 - Updated: 2024-11-08
Multiple vulnerabilities have been discovered in the Red Hat Linux kernel. Some of them allow an attacker to cause a remote denial of service, a breach of data confidentiality, and a breach of data integrity.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
| Vendor | Product | Description |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 8 ppc64le |
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 8 s390x |
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 8 x86_64 |
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 8 x86_64 |
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 8 aarch64 |
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 |
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 8 x86_64 |
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 8 x86_64 |
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 8 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 8 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 8 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 8 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-46826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46826"
},
{
"name": "CVE-2024-42070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42070"
},
{
"name": "CVE-2024-41093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41093"
},
{
"name": "CVE-2024-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35939"
},
{
"name": "CVE-2024-41009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41009"
},
{
"name": "CVE-2024-39503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39503"
},
{
"name": "CVE-2024-42292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
},
{
"name": "CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"name": "CVE-2024-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-26976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26976"
},
{
"name": "CVE-2023-52492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
},
{
"name": "CVE-2024-27062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27062"
},
{
"name": "CVE-2024-35839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35839"
},
{
"name": "CVE-2024-43889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
},
{
"name": "CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"name": "CVE-2024-43880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
},
{
"name": "CVE-2024-38586",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2024-40983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40983"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2024-35898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35898"
},
{
"name": "CVE-2024-43854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
},
{
"name": "CVE-2024-44935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
},
{
"name": "CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"name": "CVE-2024-42244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
},
{
"name": "CVE-2022-48936",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48936"
},
{
"name": "CVE-2024-26851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26851"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"name": "CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2024-40984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40984"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"name": "CVE-2024-42301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
},
{
"name": "CVE-2024-26924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26924"
},
{
"name": "CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"name": "CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
}
],
"initial_release_date": "2024-11-08T00:00:00",
"last_revision_date": "2024-11-08T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0956",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Red Hat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
"vendor_advisories": [
{
"published_at": "2024-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2024:8856",
"url": "https://access.redhat.com/errata/RHSA-2024:8856"
},
{
"published_at": "2024-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2024:8870",
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
]
}
CVE-2022-48936
Vulnerability from fstec - Published: 22.08.2024
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u043e\u0442 4.20 \u0434\u043e 5.4.181 (Linux), \u043e\u0442 5.11 \u0434\u043e 5.15.25 (Linux), \u043e\u0442 5.16 \u0434\u043e 5.16.11 (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.102 (Linux), \u043e\u0442 3.13 \u0434\u043e 4.9.303 (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.268 (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.231 (Linux), 3.0 (ROSA Virtualization 3.0)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0431\u0435\u0437\u0430\u0433\u0435\u043d\u0442\u043d\u043e\u0433\u043e \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u00abROSA Virtualization 3.0\u00bb: https://abf.rosa.ru/advisories/ROSA-SA-2025-2861",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "22.08.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.08.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.09.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-06641",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-48936",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Linux, ROSA Virtualization 3.0 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211621308)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.181 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.15.25 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.16 \u0434\u043e 5.16.11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.102 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e 
\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 3.13 \u0434\u043e 4.9.303 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.10 \u0434\u043e 4.14.268 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.231 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb ROSA Virtualization 3.0 3.0 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211621308)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 gso \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 (CWE-667)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 gso \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430 \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 ip. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u043e\u043a\u0430\u043c\u0438 \u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://redos.red-soft.ru/support/secure/\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-2861",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-667",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.