CVE-2024-26659
Description
RHSA-2024:3627: kernel-rt security and bug fix update (Moderate)
Mitigations
Mitigation details
Description
kernel: xhci: handle isoc Babble and Buffer Overrun events properly (the title of the upstream fix; the stable backports are the git.kernel.org commits listed under References, and the weakness class is CWE-787, out-of-bounds write)
Red Hat statement
Red Hat Product Security has classified the severity of this vulnerability as Moderate due to the specific prerequisites required for exploitation. Successful exploitation generally necessitates local access to the system with elevated permissions to interact with the Extensible Host Controller Interface (xHCI) driver, which effectively translates to root-level access.
CVSS v3: 4.1 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10 | RHSA-2024:3627 | 2024-06-05T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-553.5.1.el8_10 | RHSA-2024:3618 | 2024-06-05T00:00:00Z |
| Red Hat Enterprise Linux 9.4 Extended Update Support | kernel-0:5.14.0-427.81.1.el9_4 | RHSA-2025:13135 | 2025-08-06T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope |
| Red Hat Enterprise Linux 9 | kernel | Affected |
| Red Hat Enterprise Linux 9 | kernel-rt | Fix deferred |
Apply commands
```shell
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rt
```
A kernel package update only installs the new build; the host keeps running the old kernel until it is rebooted into the new one, so `uname -r` still reports the vulnerable build until then.
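The check a practitioner wants after the update and reboot is "is the kernel that is actually running at or past the errata build", which is a version comparison against the NEVR strings in the errata table above. The script below is an added example, not Red Hat tooling or kernel code. It reimplements rpm's rpmvercmp() segment rules rather than shelling out to `sort -V`, because version sort mis-orders RHEL release strings such as `553.rt7.342` versus `553.5.1.rt7.346` (rpm ranks a numeric segment above an alphabetic one, so the second is newer). Assumptions: kernel and kernel-rt carry epoch 0, the architecture suffix is one of the values in `ARCHES`, and the `uname -r` strings in `__main__` are constructed samples.

```python
"""Decide whether the running kernel(-rt) is at or beyond a fixed NEVR from an RHSA.

Added example, not Red Hat's or the kernel project's code. Assumes epoch 0 for the
kernel packages and the arch suffixes in ARCHES; sample uname strings are constructed.
"""
import platform
import re

ARCHES = {"x86_64", "aarch64", "ppc64le", "s390x", "i686", "noarch"}  # assumed set
NEVR_RE = re.compile(r"^(?P<name>.+?)-(?P<epoch>\d+):(?P<version>[^-]+)-(?P<release>.+)$")


def rpmvercmp(a: str, b: str) -> int:
    """Return -1/0/1 like rpm's rpmvercmp(): compare alnum segments, skipping separators."""
    if a == b:
        return 0
    i = j = 0
    la, lb = len(a), len(b)
    while i < la or j < lb:
        while i < la and not a[i].isalnum() and a[i] not in "~^":  # drop separators
            i += 1
        while j < lb and not b[j].isalnum() and b[j] not in "~^":
            j += 1
        ca = a[i] if i < la else ""
        cb = b[j] if j < lb else ""
        if "~" in (ca, cb):  # tilde sorts before everything, even end of string
            if ca != "~":
                return 1
            if cb != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if "^" in (ca, cb):  # caret sorts after end of string but before any other char
            if not ca:
                return -1
            if not cb:
                return 1
            if ca != "^":
                return 1
            if cb != "^":
                return -1
            i, j = i + 1, j + 1
            continue
        if not (ca and cb):  # one side exhausted: decided after the loop
            break
        isnum = ca.isdigit()
        pat = r"[0-9]*" if isnum else r"[A-Za-z]*"
        sa = re.match(pat, a[i:]).group(0)
        sb = re.match(pat, b[j:]).group(0)
        if not sa:  # non-ASCII alnum: rpm's "cannot happen" branch, avoid looping forever
            return -1
        i, j = i + len(sa), j + len(sb)
        if not sb:  # segment types differ: a numeric segment beats an alphabetic one
            return 1 if isnum else -1
        if isnum:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):  # more digits wins once leading zeros are gone
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:  # plain strcmp on equal-length numeric or alphabetic segments
            return 1 if sa > sb else -1
    if i >= la and j >= lb:
        return 0
    return -1 if i >= la else 1  # whichever string still has characters left wins


def parse_nevr(nevr: str):
    """'kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10' -> (name, epoch, version, release)."""
    m = NEVR_RE.match(nevr)
    if not m:
        raise ValueError(f"not a NEVR string: {nevr}")
    return m["name"], m["epoch"], m["version"], m["release"]


def evr_from_uname(uname_r: str):
    """'4.18.0-553.5.1.rt7.346.el8_10.x86_64' -> ('0', '4.18.0', '553.5.1.rt7.346.el8_10')."""
    version, release = uname_r.split("-", 1)
    head, _, tail = release.rpartition(".")
    if tail in ARCHES:
        release = head
    return "0", version, release  # epoch 0 assumed for the kernel packages


def is_rt_release(release: str) -> bool:
    """kernel-rt builds carry an rtN segment in the release, e.g. 553.5.1.rt7.346.el8_10."""
    return re.search(r"(^|\.)rt\d+(\.|$)", release) is not None


def evr_cmp(x, y) -> int:
    """Compare (epoch, version, release) tuples field by field, as rpm does."""
    for sx, sy in zip(x, y):
        rc = rpmvercmp(sx, sy)
        if rc:
            return rc
    return 0


def running_kernel_is_fixed(uname_r: str, fixed_nevr: str) -> bool:
    """True when the running kernel is at or beyond the errata build.

    Refuses to compare across flavours: a kernel-rt uname against the plain kernel
    advisory (or vice versa) would yield a meaningless answer."""
    name, epoch, version, release = parse_nevr(fixed_nevr)
    running = evr_from_uname(uname_r)
    if (name == "kernel-rt") != is_rt_release(running[2]):
        raise ValueError(f"flavour mismatch: running {uname_r!r} vs advisory for {name}")
    return evr_cmp(running, (epoch, version, release)) >= 0


if __name__ == "__main__":
    FIXED = "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10"  # RHSA-2024:3627, from the table above
    # Constructed samples: a pre-errata build and the errata build itself.
    for sample in ("4.18.0-553.rt7.342.el8_10.x86_64", "4.18.0-553.5.1.rt7.346.el8_10.x86_64"):
        print(sample, "->", "fixed" if running_kernel_is_fixed(sample, FIXED) else "VULNERABLE")
    print("this host runs:", platform.release())
```

Run it on the host after the update and the reboot; `rpm -q --last kernel-rt` only says what is installed, while `uname -r` (what `platform.release()` returns) says what is loaded, and only the latter settles whether the host is still exposed.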
Affected
| Vendor | Product | Status |
|---|---|---|
| redhat | Red Hat Enterprise Linux 9 | Affected |
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rocky | 8 | fixed | |
| sles | | affected | |
| debian | bookworm | fixed | 6.1.82-1 |
| debian | bullseye | fixed | 5.10.216-1 |
| debian | forky | fixed | 6.7.7-1 |
| debian | sid | fixed | 6.7.7-1 |
| debian | trixie | fixed | 6.7.7-1 |
| linux-kernel | 5.10.213 | affected | |
| debian | 10.0 | affected | |
| linux-kernel | 6.8 | affected | |
| almalinux | 8 | fixed | kernel-abi-stablelists-4.18.0-553.5.1.el8_10.noarch.rpm |
| rhel | 8 | fixed | |
References
- https://git.kernel.org/stable/c/2aa7bcfdbb46241c701811bbc0d64d7884e3346c
- https://git.kernel.org/stable/c/2e3ec80ea7ba58bbb210e83b5a0afefee7c171d3
- https://git.kernel.org/stable/c/418456c0ce56209610523f21734c5612ee634134
- https://git.kernel.org/stable/c/696e4112e5c1ee61996198f0ebb6ca3fab55166e
- https://git.kernel.org/stable/c/7c4650ded49e5b88929ecbbb631efb8b0838e811
- https://git.kernel.org/stable/c/f5e7ffa9269a448a720e21f1ed1384d118298c97
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://errata.rockylinux.org/RLSA-2024:3627
- https://errata.rockylinux.org/RLSA-2024:3618
- https://www.suse.com/security/cve/CVE-2024-26659.html
- https://security-tracker.debian.org/tracker/CVE-2024-26659
- https://access.redhat.com/errata/RHSA-2024:3618
- https://bugzilla.redhat.com/2250843
- https://bugzilla.redhat.com/2257406
- https://bugzilla.redhat.com/2263875
- https://bugzilla.redhat.com/2265271
- https://bugzilla.redhat.com/2265646
- https://bugzilla.redhat.com/2265654
- https://bugzilla.redhat.com/2265833
- https://bugzilla.redhat.com/2266296
- https://bugzilla.redhat.com/2266446
- https://bugzilla.redhat.com/2266746
- https://bugzilla.redhat.com/2266841
- https://bugzilla.redhat.com/2267038
CWEs
CWE-787 (Out-of-bounds Write)