Risk | Critical |
Patch available | YES |
Number of vulnerabilities | 19 |
CVE-ID | CVE-2023-52881 CVE-2023-52439 CVE-2023-52448 CVE-2022-48637 CVE-2024-21823 CVE-2024-35852 CVE-2021-47385 CVE-2021-47311 CVE-2021-47566 CVE-2024-36017 CVE-2024-39502 CVE-2023-52885 CVE-2022-48827 CVE-2022-48828 CVE-2022-48829 CVE-2024-41091 CVE-2024-41090 CVE-2024-36971 CVE-2023-38409 |
CWE-ID | CWE-451 CWE-416 CWE-476 CWE-502 CWE-401 CWE-119 CWE-125 CWE-191 CWE-20 |
Exploitation vector | Network |
Public exploit | Vulnerability #18 is being exploited in the wild. |
Vulnerable software Subscribe |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions Operating systems & Components / Operating system package or component kernel (Red Hat package) Operating systems & Components / Operating system package or component Red Hat Enterprise Linux Server - TUS Operating systems & Components / Operating system Red Hat Enterprise Linux Server - AUS Operating systems & Components / Operating system |
Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 19 vulnerabilities.
EUVDB-ID: #VU89895
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52881
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87573
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52439
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uio_open() function in drivers/uio/uio.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87741
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52448
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in gfs2_rgrp_dump() function. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90189
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48637
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bnxt_tx_int() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89676
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-21823
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure deserialization in hardware logic. A local user can perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89983
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35852
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_acl_tcam_vregion_destroy() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90469
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47385
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the w83792d_detect_subclients() function in drivers/hwmon/w83792d.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90103
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47311
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the emac_remove() function in drivers/net/ethernet/qualcomm/emac/emac.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93289
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47566
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the read_from_oldmem() function in fs/proc/vmcore.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93081
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36017
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_setvfinfo() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94261
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-39502
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ionic_qcq_enable() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94326
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52885
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svc_tcp_listen_data_ready() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94479
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48827
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nfsd4_encode_read() and nfsd4_encode_read_plus() functions in fs/nfsd/nfs4xdr.c, within the nfsd4_read() function in fs/nfsd/nfs4proc.c, within the nfsd3_proc_read() function in fs/nfsd/nfs3proc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94466
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48828
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nfsd_setattr() function in fs/nfsd/vfs.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94492
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48829
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the svcxdr_decode_sattr3() function in fs/nfsd/nfs3xdr.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94841
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41091
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tun_xdp_one() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU94840
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41090
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tap_get_user_xdp() function in drivers/net/tap.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91597
Risk: Critical
CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-36971
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.
Note, the vulnerability is being actively exploited in the wild.
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
EUVDB-ID: #VU79497
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38409
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the set_con2fb_map() function in drivers/video/fbdev/core/fbcon.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.6
Red Hat Enterprise Linux Server - TUS: 8.6
Red Hat Enterprise Linux Server - AUS: 8.6
kernel (Red Hat package): before 4.18.0-372.118.1.el8_6
External linkshttp://access.redhat.com/errata/RHSA-2024:5281
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.