CVE-2024-35898
medium
CVSS v3
5.5
CVSS v4 NEW
β
VIR risk
5.5
Description
RHSA-2024:8870: kernel-rt security update (Moderate)
Predictions
Exploit likelihood
55%
Patch ETA
β
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Source: Red Hat Errata β Red Hat Inc. Β· View original β Β· Open-Errata-API
Description kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 8kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10RHSA-2024:88702024-11-05T00:00:00Z Red Hat Enterprise Linuxβ¦
Description
kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10 | RHSA-2024:8870 | 2024-11-05T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-553.27.1.el8_10 | RHSA-2024:8856 | 2024-11-05T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | kernel-0:4.18.0-372.123.1.el8_6 | RHSA-2024:6753 | 2024-09-18T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | kernel-0:4.18.0-372.123.1.el8_6 | RHSA-2024:6753 | 2024-09-18T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | kernel-0:4.18.0-372.123.1.el8_6 | RHSA-2024:6753 | 2024-09-18T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Extended Update Support | kernel-0:4.18.0-477.74.1.el8_8 | RHSA-2024:6993 | 2024-09-24T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.33.1.el9_4 | RHSA-2024:5928 | 2024-08-28T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.33.1.el9_4 | RHSA-2024:5928 | 2024-08-28T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | kernel-0:5.14.0-70.112.1.el9_0 | RHSA-2024:5257 | 2024-08-13T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0 | RHSA-2024:5256 | 2024-08-13T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel-0:5.14.0-284.73.1.el9_2 | RHSA-2024:4533 | 2024-07-15T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel-rt-0:5.14.0-284.73.1.rt14.358.el9_2 | RHSA-2024:4554 | 2024-07-15T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope |
| Red Hat Enterprise Linux 9 | kernel-rt | Affected |
Apply commands
Apply RHSA-2024:8870 for Red Hat Enterprise Linux 8
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rtAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 6 | Not affected |
| redhat | Red Hat Enterprise Linux 9 | Affected |
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| rocky | 8 | fixed | |
| sles | affected | | |
| debian | bookworm | fixed | 6.1.85-1 |
| debian | bullseye | fixed | 5.10.216-1 |
| debian | forky | fixed | 6.8.9-1 |
| debian | sid | fixed | 6.8.9-1 |
| debian | trixie | fixed | 6.8.9-1 |
| debian | 10.0 | affected | |
| linux-kernel | affected | 4.19.312 | |
| linux-kernel | 6.9 | affected | |
| almalinux | 9 | fixed | perf-5.14.0-427.33.1.el9_4.aarch64.rpm |
| rhel | 8 | fixed | |
References
- https://access.redhat.com/errata/RHSA-2024:5928
- https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304
- https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8
- https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007
- https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df
- https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331
- https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b
- https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77
- https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://errata.rockylinux.org/RLSA-2024:8870
- https://errata.rockylinux.org/RLSA-2024:8856
- https://www.suse.com/security/cve/CVE-2024-35898.html
- https://security-tracker.debian.org/tracker/CVE-2024-35898
- https://access.redhat.com/errata/RHSA-2024:8856
- https://bugzilla.redhat.com/2266247
- https://bugzilla.redhat.com/2269183
- https://bugzilla.redhat.com/2275750
- https://bugzilla.redhat.com/2277168
- https://bugzilla.redhat.com/2278262
- https://bugzilla.redhat.com/2278350
- https://bugzilla.redhat.com/2278387
- https://bugzilla.redhat.com/2281284
CWEs
CWE-362
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.