The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5102.json

Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================
Red Hat Security Advisory

Synopsis:           Important: kernel-rt security update
Advisory ID:        RHSA-2024:5102-03
Product:            Red Hat Enterprise Linux
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:5102
Issue date:         2024-08-08
Revision:           03
CVE Names:          CVE-2021-46939
====================================================================

Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)
* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)
* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)
* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)
* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)
* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)
* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)
* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)
* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)
* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)
* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)
* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)
* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)
* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)
* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)
* kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658)
* kernel: crash due to a missing check for leb_size (CVE-2024-25739)
* kernel: tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)
* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)
* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)
* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)
* kernel: SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)
* kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (CVE-2024-27434)
* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)
* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)
* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)
* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)
* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)
* kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)
* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)
* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)
* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)
* kernel: net: ieee802154: fix null deref in parse dev addr (CVE-2021-47257)
* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)
* kernel: wifi: ath11k: fix gtk offload status event locking (CVE-2023-52777)
* (CVE-2023-52832)
* (CVE-2023-52803)
* (CVE-2023-52756)
* (CVE-2023-52834)
* (CVE-2023-52791)
* (CVE-2023-52764)
* (CVE-2021-47468)
* (CVE-2021-47284)
* (CVE-2024-36025)
* (CVE-2024-36941)
* (CVE-2024-36940)
* (CVE-2024-36904)
* (CVE-2024-36896)
* (CVE-2024-36954)
* (CVE-2024-36950)
* (CVE-2024-38575)
* (CVE-2024-36917)
* (CVE-2024-36016)
* (CVE-2023-52762)
* (CVE-2024-27025)
* (CVE-2021-47548)
* (CVE-2023-52619)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-46939

References:

https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2263879
https://bugzilla.redhat.com/show_bug.cgi?id=2265645
https://bugzilla.redhat.com/show_bug.cgi?id=2265797
https://bugzilla.redhat.com/show_bug.cgi?id=2266341
https://bugzilla.redhat.com/show_bug.cgi?id=2266347
https://bugzilla.redhat.com/show_bug.cgi?id=2266497
https://bugzilla.redhat.com/show_bug.cgi?id=2267787
https://bugzilla.redhat.com/show_bug.cgi?id=2268118
https://bugzilla.redhat.com/show_bug.cgi?id=2269070
https://bugzilla.redhat.com/show_bug.cgi?id=2269211
https://bugzilla.redhat.com/show_bug.cgi?id=2270084
https://bugzilla.redhat.com/show_bug.cgi?id=2270100
https://bugzilla.redhat.com/show_bug.cgi?id=2271686
https://bugzilla.redhat.com/show_bug.cgi?id=2271688
https://bugzilla.redhat.com/show_bug.cgi?id=2272782
https://bugzilla.redhat.com/show_bug.cgi?id=2272795
https://bugzilla.redhat.com/show_bug.cgi?id=2273109
https://bugzilla.redhat.com/show_bug.cgi?id=2273174
https://bugzilla.redhat.com/show_bug.cgi?id=2273236
https://bugzilla.redhat.com/show_bug.cgi?id=2273242
https://bugzilla.redhat.com/show_bug.cgi?id=2273247
https://bugzilla.redhat.com/show_bug.cgi?id=2273268
https://bugzilla.redhat.com/show_bug.cgi?id=2273427
https://bugzilla.redhat.com/show_bug.cgi?id=2273654
https://bugzilla.redhat.com/show_bug.cgi?id=2275565
https://bugzilla.redhat.com/show_bug.cgi?id=2275573
https://bugzilla.redhat.com/show_bug.cgi?id=2275580
https://bugzilla.redhat.com/show_bug.cgi?id=2275694
https://bugzilla.redhat.com/show_bug.cgi?id=2275711
https://bugzilla.redhat.com/show_bug.cgi?id=2275748
https://bugzilla.redhat.com/show_bug.cgi?id=2275761
https://bugzilla.redhat.com/show_bug.cgi?id=2275928
https://bugzilla.redhat.com/show_bug.cgi?id=2277166
https://bugzilla.redhat.com/show_bug.cgi?id=2277238
https://bugzilla.redhat.com/show_bug.cgi?id=2277840
https://bugzilla.redhat.com/show_bug.cgi?id=2278176
https://bugzilla.redhat.com/show_bug.cgi?id=2278178
https://bugzilla.redhat.com/show_bug.cgi?id=2278182
https://bugzilla.redhat.com/show_bug.cgi?id=2278218
https://bugzilla.redhat.com/show_bug.cgi?id=2278256
https://bugzilla.redhat.com/show_bug.cgi?id=2278258
https://bugzilla.redhat.com/show_bug.cgi?id=2278277
https://bugzilla.redhat.com/show_bug.cgi?id=2278279
https://bugzilla.redhat.com/show_bug.cgi?id=2278380
https://bugzilla.redhat.com/show_bug.cgi?id=2278484
https://bugzilla.redhat.com/show_bug.cgi?id=2278515
https://bugzilla.redhat.com/show_bug.cgi?id=2278535
https://bugzilla.redhat.com/show_bug.cgi?id=2278539
https://bugzilla.redhat.com/show_bug.cgi?id=2278989
https://bugzilla.redhat.com/show_bug.cgi?id=2280440
https://bugzilla.redhat.com/show_bug.cgi?id=2281054
https://bugzilla.redhat.com/show_bug.cgi?id=2281133
https://bugzilla.redhat.com/show_bug.cgi?id=2281149
https://bugzilla.redhat.com/show_bug.cgi?id=2281207
https://bugzilla.redhat.com/show_bug.cgi?id=2281215
https://bugzilla.redhat.com/show_bug.cgi?id=2281221
https://bugzilla.redhat.com/show_bug.cgi?id=2281235
https://bugzilla.redhat.com/show_bug.cgi?id=2281268
https://bugzilla.redhat.com/show_bug.cgi?id=2281326
https://bugzilla.redhat.com/show_bug.cgi?id=2281360
https://bugzilla.redhat.com/show_bug.cgi?id=2281510
https://bugzilla.redhat.com/show_bug.cgi?id=2281519
https://bugzilla.redhat.com/show_bug.cgi?id=2281636
https://bugzilla.redhat.com/show_bug.cgi?id=2281641
https://bugzilla.redhat.com/show_bug.cgi?id=2281664
https://bugzilla.redhat.com/show_bug.cgi?id=2281667
https://bugzilla.redhat.com/show_bug.cgi?id=2281672
https://bugzilla.redhat.com/show_bug.cgi?id=2281675
https://bugzilla.redhat.com/show_bug.cgi?id=2281682
https://bugzilla.redhat.com/show_bug.cgi?id=2281725
https://bugzilla.redhat.com/show_bug.cgi?id=2281752
https://bugzilla.redhat.com/show_bug.cgi?id=2281758
https://bugzilla.redhat.com/show_bug.cgi?id=2281819
https://bugzilla.redhat.com/show_bug.cgi?id=2281821
https://bugzilla.redhat.com/show_bug.cgi?id=2281833
https://bugzilla.redhat.com/show_bug.cgi?id=2281938
https://bugzilla.redhat.com/show_bug.cgi?id=2281949
https://bugzilla.redhat.com/show_bug.cgi?id=2281968
https://bugzilla.redhat.com/show_bug.cgi?id=2281989
https://bugzilla.redhat.com/show_bug.cgi?id=2282328
https://bugzilla.redhat.com/show_bug.cgi?id=2282373
https://bugzilla.redhat.com/show_bug.cgi?id=2282479
https://bugzilla.redhat.com/show_bug.cgi?id=2282553
https://bugzilla.redhat.com/show_bug.cgi?id=2282615
https://bugzilla.redhat.com/show_bug.cgi?id=2282623
https://bugzilla.redhat.com/show_bug.cgi?id=2282640
https://bugzilla.redhat.com/show_bug.cgi?id=2282642
https://bugzilla.redhat.com/show_bug.cgi?id=2282645
https://bugzilla.redhat.com/show_bug.cgi?id=2282717
https://bugzilla.redhat.com/show_bug.cgi?id=2282719
https://bugzilla.redhat.com/show_bug.cgi?id=2282727
https://bugzilla.redhat.com/show_bug.cgi?id=2282742
https://bugzilla.redhat.com/show_bug.cgi?id=2282743
https://bugzilla.redhat.com/show_bug.cgi?id=2282744
https://bugzilla.redhat.com/show_bug.cgi?id=2282759
https://bugzilla.redhat.com/show_bug.cgi?id=2282763
https://bugzilla.redhat.com/show_bug.cgi?id=2282766
https://bugzilla.redhat.com/show_bug.cgi?id=2282772
https://bugzilla.redhat.com/show_bug.cgi?id=2282780
https://bugzilla.redhat.com/show_bug.cgi?id=2282887
https://bugzilla.redhat.com/show_bug.cgi?id=2282896
https://bugzilla.redhat.com/show_bug.cgi?id=2282923
https://bugzilla.redhat.com/show_bug.cgi?id=2282925
https://bugzilla.redhat.com/show_bug.cgi?id=2282950
https://bugzilla.redhat.com/show_bug.cgi?id=2283401
https://bugzilla.redhat.com/show_bug.cgi?id=2283894
https://bugzilla.redhat.com/show_bug.cgi?id=2284400
https://bugzilla.redhat.com/show_bug.cgi?id=2284417
https://bugzilla.redhat.com/show_bug.cgi?id=2284421
https://bugzilla.redhat.com/show_bug.cgi?id=2284474
https://bugzilla.redhat.com/show_bug.cgi?id=2284477
https://bugzilla.redhat.com/show_bug.cgi?id=2284488
https://bugzilla.redhat.com/show_bug.cgi?id=2284496
https://bugzilla.redhat.com/show_bug.cgi?id=2284500
https://bugzilla.redhat.com/show_bug.cgi?id=2284513
https://bugzilla.redhat.com/show_bug.cgi?id=2284519
https://bugzilla.redhat.com/show_bug.cgi?id=2284539
https://bugzilla.redhat.com/show_bug.cgi?id=2284541
https://bugzilla.redhat.com/show_bug.cgi?id=2284556
https://bugzilla.redhat.com/show_bug.cgi?id=2284571
https://bugzilla.redhat.com/show_bug.cgi?id=2284590
https://bugzilla.redhat.com/show_bug.cgi?id=2284625
https://bugzilla.redhat.com/show_bug.cgi?id=2290408
https://bugzilla.redhat.com/show_bug.cgi?id=2292331
https://bugzilla.redhat.com/show_bug.cgi?id=2293078
https://bugzilla.redhat.com/show_bug.cgi?id=2293250
https://bugzilla.redhat.com/show_bug.cgi?id=2293276
https://bugzilla.redhat.com/show_bug.cgi?id=2293312
https://bugzilla.redhat.com/show_bug.cgi?id=2293316
https://bugzilla.redhat.com/show_bug.cgi?id=2293348
https://bugzilla.redhat.com/show_bug.cgi?id=2293371
https://bugzilla.redhat.com/show_bug.cgi?id=2293383
https://bugzilla.redhat.com/show_bug.cgi?id=2293418
https://bugzilla.redhat.com/show_bug.cgi?id=2293420
https://bugzilla.redhat.com/show_bug.cgi?id=2293444
https://bugzilla.redhat.com/show_bug.cgi?id=2293461
https://bugzilla.redhat.com/show_bug.cgi?id=2293653
https://bugzilla.redhat.com/show_bug.cgi?id=2293657
https://bugzilla.redhat.com/show_bug.cgi?id=2293684
https://bugzilla.redhat.com/show_bug.cgi?id=2293687
https://bugzilla.redhat.com/show_bug.cgi?id=2293700
https://bugzilla.redhat.com/show_bug.cgi?id=2293711
https://bugzilla.redhat.com/show_bug.cgi?id=2294274
https://bugzilla.redhat.com/show_bug.cgi?id=2295914
https://bugzilla.redhat.com/show_bug.cgi?id=2296067
https://bugzilla.redhat.com/show_bug.cgi?id=2297056
https://bugzilla.redhat.com/show_bug.cgi?id=2297474
https://bugzilla.redhat.com/show_bug.cgi?id=2298108