{"id":"RLSA-2024:10944","summary":"Moderate: kernel-rt security update","details":"The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: selinux,smack: don't bypass permissions check in inode_setsecctx hook (CVE-2024-46695)\n\n* kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (CVE-2024-49949)\n\n* kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (CVE-2024-50082)\n\n* kernel: arm64: probes: Remove broken LDR (literal) uprobe support (CVE-2024-50099)\n\n* kernel: xfrm: fix one more kernel-infoleak in algo dumping (CVE-2024-50110)\n\n* kernel: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (CVE-2024-50142)\n\n* kernel: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE (CVE-2024-50192)\n\n* kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (CVE-2024-50256)\n\n* kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (CVE-2024-50264)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-03-11T06:28:22.285629Z","published":"2024-12-19T04:18:13.579534Z","upstream":["CVE-2024-46695","CVE-2024-49949","CVE-2024-50082","CVE-2024-50099","CVE-2024-50110","CVE-2024-50142","CVE-2024-50192","CVE-2024-50256","CVE-2024-50264"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2024:10944"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312083"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320505"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322308"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323904"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323930"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324315"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324612"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324889"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327168"}],"affected":[{"package":{"name":"kernel-rt","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/kernel-rt?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.18.0-553.32.1.rt7.373.el8_10"}],"database_specific":{"yum_repository":"NFV"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2024:10944.json"}}],"schema_version":"1.7.5","credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}