CVE-2024-35989
Description
Important: kernel security update
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-8162.html
Vendor advisory: alma — https://bugzilla.redhat.com/2300517
Vendor advisory: alma — https://bugzilla.redhat.com/2297474
Vendor advisory: alma — https://bugzilla.redhat.com/2295921
Vendor advisory: alma — https://bugzilla.redhat.com/2293443
Vendor advisory: alma — https://bugzilla.redhat.com/2293078
Vendor advisory: alma — https://bugzilla.redhat.com/2284571
Vendor advisory: alma — https://bugzilla.redhat.com/2281149
Vendor advisory: alma — https://bugzilla.redhat.com/2281127
Vendor advisory: alma — https://bugzilla.redhat.com/2270700
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-7001.html
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:7001
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-7000.html
Vendor advisory: alma — https://bugzilla.redhat.com/2306365
Vendor advisory: alma — https://bugzilla.redhat.com/2305488
Vendor advisory: alma — https://bugzilla.redhat.com/2305467
Vendor advisory: alma — https://bugzilla.redhat.com/2305410
Vendor advisory: alma — https://bugzilla.redhat.com/2303514
Vendor advisory: alma — https://bugzilla.redhat.com/2303508
Vendor advisory: alma — https://bugzilla.redhat.com/2303506
Vendor advisory: alma — https://bugzilla.redhat.com/2303505
Vendor advisory: alma — https://bugzilla.redhat.com/2303077
Vendor advisory: alma — https://bugzilla.redhat.com/2301544
Vendor advisory: alma — https://bugzilla.redhat.com/2301543
Vendor advisory: alma — https://bugzilla.redhat.com/2301522
Vendor advisory: alma — https://bugzilla.redhat.com/2301519
Vendor advisory: alma — https://bugzilla.redhat.com/2301496
Vendor advisory: alma — https://bugzilla.redhat.com/2301489
Vendor advisory: alma — https://bugzilla.redhat.com/2301477
Vendor advisory: alma — https://bugzilla.redhat.com/2300713
Vendor advisory: alma — https://bugzilla.redhat.com/2300709
Vendor advisory: alma — https://bugzilla.redhat.com/2300552
Vendor advisory: alma — https://bugzilla.redhat.com/2300533
Vendor advisory: alma — https://bugzilla.redhat.com/2300492
Vendor advisory: alma — https://bugzilla.redhat.com/2300453
Vendor advisory: alma — https://bugzilla.redhat.com/2300448
Vendor advisory: alma — https://bugzilla.redhat.com/2300440
Vendor advisory: alma — https://bugzilla.redhat.com/2300439
Vendor advisory: alma — https://bugzilla.redhat.com/2300434
Vendor advisory: alma — https://bugzilla.redhat.com/2300430
Vendor advisory: alma — https://bugzilla.redhat.com/2300429
Vendor advisory: alma — https://bugzilla.redhat.com/2300414
Vendor advisory: alma — https://bugzilla.redhat.com/2300410
Vendor advisory: alma — https://bugzilla.redhat.com/2300409
Vendor advisory: alma — https://bugzilla.redhat.com/2300408
Vendor advisory: alma — https://bugzilla.redhat.com/2300407
Vendor advisory: alma — https://bugzilla.redhat.com/2300402
Vendor advisory: alma — https://bugzilla.redhat.com/2300381
Vendor advisory: alma — https://bugzilla.redhat.com/2300297
Vendor advisory: alma — https://bugzilla.redhat.com/2300296
Vendor advisory: alma — https://bugzilla.redhat.com/2299452
Vendor advisory: alma — https://bugzilla.redhat.com/2299336
Vendor advisory: alma — https://bugzilla.redhat.com/2299240
Vendor advisory: alma — https://bugzilla.redhat.com/2298640
Vendor advisory: alma — https://bugzilla.redhat.com/2298177
Vendor advisory: alma — https://bugzilla.redhat.com/2298140
Vendor advisory: alma — https://bugzilla.redhat.com/2298079
Vendor advisory: alma — https://bugzilla.redhat.com/2297909
Vendor advisory: alma — https://bugzilla.redhat.com/2297706
Vendor advisory: alma — https://bugzilla.redhat.com/2297589
Vendor advisory: alma — https://bugzilla.redhat.com/2297582
Vendor advisory: alma — https://bugzilla.redhat.com/2297581
Vendor advisory: alma — https://bugzilla.redhat.com/2297579
Vendor advisory: alma — https://bugzilla.redhat.com/2297573
Vendor advisory: alma — https://bugzilla.redhat.com/2297572
Vendor advisory: alma — https://bugzilla.redhat.com/2297562
Vendor advisory: alma — https://bugzilla.redhat.com/2297561
Vendor advisory: alma — https://bugzilla.redhat.com/2297556
Vendor advisory: alma — https://bugzilla.redhat.com/2297544
Vendor advisory: alma — https://bugzilla.redhat.com/2297543
Vendor advisory: alma — https://bugzilla.redhat.com/2297542
Vendor advisory: alma — https://bugzilla.redhat.com/2297538
Vendor advisory: alma — https://bugzilla.redhat.com/2297525
Vendor advisory: alma — https://bugzilla.redhat.com/2297515
Vendor advisory: alma — https://bugzilla.redhat.com/2297513
Vendor advisory: alma — https://bugzilla.redhat.com/2297496
Vendor advisory: alma — https://bugzilla.redhat.com/2297495
Vendor advisory: alma — https://bugzilla.redhat.com/2297488
Vendor advisory: alma — https://bugzilla.redhat.com/2297478
Vendor advisory: alma — https://bugzilla.redhat.com/2297473
Vendor advisory: alma — https://bugzilla.redhat.com/2297471
Vendor advisory: alma — https://bugzilla.redhat.com/2294313
Vendor advisory: alma — https://bugzilla.redhat.com/2293658
Vendor advisory: alma — https://bugzilla.redhat.com/2293441
Vendor advisory: alma — https://bugzilla.redhat.com/2293440
Vendor advisory: alma — https://bugzilla.redhat.com/2293423
Vendor advisory: alma — https://bugzilla.redhat.com/2293414
Vendor advisory: alma — https://bugzilla.redhat.com/2293408
Vendor advisory: alma — https://bugzilla.redhat.com/2293377
Vendor advisory: alma — https://bugzilla.redhat.com/2293304
Vendor advisory: alma — https://bugzilla.redhat.com/2293273
Vendor advisory: alma — https://bugzilla.redhat.com/2293270
Vendor advisory: alma — https://bugzilla.redhat.com/2293247
Vendor advisory: alma — https://bugzilla.redhat.com/2284634
Vendor advisory: alma — https://bugzilla.redhat.com/2284630
Vendor advisory: alma — https://bugzilla.redhat.com/2284628
Vendor advisory: alma — https://bugzilla.redhat.com/2284596
Vendor advisory: alma — https://bugzilla.redhat.com/2284545
Vendor advisory: alma — https://bugzilla.redhat.com/2284515
Vendor advisory: alma — https://bugzilla.redhat.com/2284511
Vendor advisory: alma — https://bugzilla.redhat.com/2284271
Vendor advisory: alma — https://bugzilla.redhat.com/2283424
Vendor advisory: alma — https://bugzilla.redhat.com/2283389
Vendor advisory: alma — https://bugzilla.redhat.com/2282918
Vendor advisory: alma — https://bugzilla.redhat.com/2282903
Vendor advisory: alma — https://bugzilla.redhat.com/2282890
Vendor advisory: alma — https://bugzilla.redhat.com/2282851
Vendor advisory: alma — https://bugzilla.redhat.com/2282764
Vendor advisory: alma — https://bugzilla.redhat.com/2282757
Vendor advisory: alma — https://bugzilla.redhat.com/2282676
Vendor advisory: alma — https://bugzilla.redhat.com/2282669
Vendor advisory: alma — https://bugzilla.redhat.com/2282648
Vendor advisory: alma — https://bugzilla.redhat.com/2282511
Vendor advisory: alma — https://bugzilla.redhat.com/2282508
Vendor advisory: alma — https://bugzilla.redhat.com/2282440
Vendor advisory: alma — https://bugzilla.redhat.com/2282422
Vendor advisory: alma — https://bugzilla.redhat.com/2282401
Vendor advisory: alma — https://bugzilla.redhat.com/2282366
Vendor advisory: alma — https://bugzilla.redhat.com/2282357
Vendor advisory: alma — https://bugzilla.redhat.com/2282356
Vendor advisory: alma — https://bugzilla.redhat.com/2282355
Vendor advisory: alma — https://bugzilla.redhat.com/2282354
Vendor advisory: alma — https://bugzilla.redhat.com/2282345
Vendor advisory: alma — https://bugzilla.redhat.com/2282324
Vendor advisory: alma — https://bugzilla.redhat.com/2281847
Vendor advisory: alma — https://bugzilla.redhat.com/2281807
Vendor advisory: alma — https://bugzilla.redhat.com/2281720
Vendor advisory: alma — https://bugzilla.redhat.com/2281704
Vendor advisory: alma — https://bugzilla.redhat.com/2281317
Vendor advisory: alma — https://bugzilla.redhat.com/2281217
Vendor advisory: alma — https://bugzilla.redhat.com/2278447
Vendor advisory: alma — https://bugzilla.redhat.com/2278270
Vendor advisory: alma — https://bugzilla.redhat.com/2278220
Vendor advisory: alma — https://bugzilla.redhat.com/2277171
Vendor advisory: alma — https://bugzilla.redhat.com/2275742
Vendor advisory: alma — https://bugzilla.redhat.com/2275690
Vendor advisory: alma — https://bugzilla.redhat.com/2275661
Vendor advisory: alma — https://bugzilla.redhat.com/2275558
Vendor advisory: alma — https://bugzilla.redhat.com/2273180
Vendor advisory: alma — https://bugzilla.redhat.com/2273148
Vendor advisory: alma — https://bugzilla.redhat.com/2273141
Vendor advisory: alma — https://bugzilla.redhat.com/2272793
Vendor advisory: alma — https://bugzilla.redhat.com/2271796
Vendor advisory: alma — https://bugzilla.redhat.com/2271648
Vendor advisory: alma — https://bugzilla.redhat.com/2270103
Vendor advisory: alma — https://bugzilla.redhat.com/2268295
Vendor advisory: alma — https://bugzilla.redhat.com/2267925
Vendor advisory: alma — https://bugzilla.redhat.com/2267916
Vendor advisory: alma — https://bugzilla.redhat.com/2267795
Vendor advisory: alma — https://bugzilla.redhat.com/2267041
Vendor advisory: alma — https://bugzilla.redhat.com/2267036
Vendor advisory: alma — https://bugzilla.redhat.com/2266750
Vendor advisory: alma — https://bugzilla.redhat.com/2266358
Vendor advisory: alma — https://bugzilla.redhat.com/2265838
Vendor advisory: alma — https://bugzilla.redhat.com/2265799
Vendor advisory: alma — https://bugzilla.redhat.com/2260038
Vendor advisory: alma — https://bugzilla.redhat.com/2258013
Vendor advisory: alma — https://bugzilla.redhat.com/2258012
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:7000
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2024-35989
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:8162
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2024-35989.html
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:7001
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:7000
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:8162
Mitigation details
Description kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 8kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10RHSA-2024:70012024-09-24T00:00:00Z Red Hat Enterprise Linux 8kernel-0:4.18.0-553.22.1.el8_10RHSA-2024:70002024-09-24T00:00:00Z Red…
Description
kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10 | RHSA-2024:7001 | 2024-09-24T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-553.22.1.el8_10 | RHSA-2024:7000 | 2024-09-24T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.40.1.el9_4 | RHSA-2024:8162 | 2024-10-16T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.40.1.el9_4 | RHSA-2024:8162 | 2024-10-16T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected |
| Red Hat Enterprise Linux 7 | kernel | Not affected |
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected |
| Red Hat Enterprise Linux 9 | kernel-rt | Affected |
Apply commands
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rtAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 6 | Not affected |
| redhat | Red Hat Enterprise Linux 7 | Not affected |
| redhat | Red Hat Enterprise Linux 7 | Not affected |
| redhat | Red Hat Enterprise Linux 9 | Affected |
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| rocky | 8 | fixed | |
| sles | affected | | |
| rocky | 9 | fixed | |
| debian | bookworm | fixed | 6.1.90-1 |
| debian | bullseye | fixed | 0 |
| debian | forky | fixed | 6.8.9-1 |
| debian | sid | fixed | 6.8.9-1 |
| debian | trixie | fixed | 6.8.9-1 |
| almalinux | 8 | fixed | kernel-abi-stablelists-4.18.0-553.22.1.el8_10.noarch.rpm |
References
- https://access.redhat.com/errata/RHSA-2024:8162
- https://errata.rockylinux.org/RLSA-2024:7000
- https://errata.rockylinux.org/RLSA-2024:7001
- https://www.suse.com/security/cve/CVE-2024-35989.html
- https://errata.rockylinux.org/RLSA-2024:8162
- https://security-tracker.debian.org/tracker/CVE-2024-35989
- https://access.redhat.com/errata/RHSA-2024:7000
- https://bugzilla.redhat.com/2258012
- https://bugzilla.redhat.com/2258013
- https://bugzilla.redhat.com/2260038
- https://bugzilla.redhat.com/2265799
- https://bugzilla.redhat.com/2265838
- https://bugzilla.redhat.com/2266358
- https://bugzilla.redhat.com/2266750
- https://bugzilla.redhat.com/2267036
- https://bugzilla.redhat.com/2267041
- https://bugzilla.redhat.com/2267795
- https://bugzilla.redhat.com/2267916
- https://bugzilla.redhat.com/2267925
- https://bugzilla.redhat.com/2268295
- https://bugzilla.redhat.com/2270103
- https://bugzilla.redhat.com/2271648
- https://bugzilla.redhat.com/2271796
- https://bugzilla.redhat.com/2272793
- https://bugzilla.redhat.com/2273141
Verify integrity in audit chain (admin only). AS-IS.