{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: bpf: fix OOB devmap writes when deleting elements (CVE-2024-56615)\n\n* kernel: xsk: fix OOB map writes when deleting elements (CVE-2024-56614)\n\n* kernel: md: fix mddev uaf while iterating all_mddevs list (CVE-2025-22126)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:10536",
        "url": "https://access.redhat.com/errata/RHSA-2025:10536"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2334493",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334493"
      },
      {
        "category": "external",
        "summary": "2334573",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334573"
      },
      {
        "category": "external",
        "summary": "2360236",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360236"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10536.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security update",
    "tracking": {
      "current_release_date": "2026-06-30T03:30:26+00:00",
      "generator": {
        "date": "2026-06-30T03:30:26+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.0"
        }
      },
      "id": "RHSA-2025:10536",
      "initial_release_date": "2025-07-08T00:13:53+00:00",
      "revision_history": [
        {
          "date": "2025-07-08T00:13:53+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-07-08T00:13:53+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T03:30:26+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
                  "product_id": "RT-9.2.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_e4s:9.2::realtime"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
                  "product_id": "NFV-9.2.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_e4s:9.2::nfv"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
                "product": {
                  "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
                  "product_id": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.122.1.rt14.407.el9_2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_id": "kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.122.1.rt14.407.el9_2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
          "product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "NFV-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
          "product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
        "relates_to_product_reference": "RT-9.2.0.Z.E4S"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-56614",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers ('Resource Injection')"
      },
      "discovery_date": "2024-12-27T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2334573"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix OOB map writes when deleting elements\n\nJordy says:\n\n\"\nIn the xsk_map_delete_elem function an unsigned integer\n(map->max_entries) is compared with a user-controlled signed integer\n(k). Due to implicit type conversion, a large unsigned value for\nmap->max_entries can bypass the intended bounds check:\n\n\tif (k >= map->max_entries)\n\t\treturn -EINVAL;\n\nThis allows k to hold a negative value (between -2147483648 and -2),\nwhich is then used as an array index in m->xsk_map[k], which results\nin an out-of-bounds access.\n\n\tspin_lock_bh(&m->lock);\n\tmap_entry = &m->xsk_map[k]; // Out-of-bounds map_entry\n\told_xs = unrcu_pointer(xchg(map_entry, NULL));  // Oob write\n\tif (old_xs)\n\t\txsk_map_sock_delete(old_xs, map_entry);\n\tspin_unlock_bh(&m->lock);\n\nThe xchg operation can then be used to cause an out-of-bounds write.\nMoreover, the invalid map_entry passed to xsk_map_sock_delete can lead\nto further memory corruption.\n\"\n\nIt indeed results in following splat:\n\n[76612.897343] BUG: unable to handle page fault for address: ffffc8fc2e461108\n[76612.904330] #PF: supervisor write access in kernel mode\n[76612.909639] #PF: error_code(0x0002) - not-present page\n[76612.914855] PGD 0 P4D 0\n[76612.917431] Oops: Oops: 0002 [#1] PREEMPT SMP\n[76612.921859] CPU: 11 UID: 0 PID: 10318 Comm: a.out Not tainted 6.12.0-rc1+ #470\n[76612.929189] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[76612.939781] RIP: 0010:xsk_map_delete_elem+0x2d/0x60\n[76612.944738] Code: 00 00 41 54 55 53 48 63 2e 3b 6f 24 73 38 4c 8d a7 f8 00 00 00 48 89 fb 4c 89 e7 e8 2d bf 05 00 48 8d b4 eb 00 01 00 00 31 ff <48> 87 3e 48 85 ff 74 05 e8 16 ff ff ff 4c 89 e7 e8 3e bc 05 00 31\n[76612.963774] RSP: 0018:ffffc9002e407df8 EFLAGS: 00010246\n[76612.969079] RAX: 0000000000000000 RBX: ffffc9002e461000 RCX: 0000000000000000\n[76612.976323] RDX: 0000000000000001 RSI: ffffc8fc2e461108 RDI: 0000000000000000\n[76612.983569] RBP: ffffffff80000001 R08: 0000000000000000 R09: 0000000000000007\n[76612.990812] R10: ffffc9002e407e18 R11: ffff888108a38858 R12: ffffc9002e4610f8\n[76612.998060] R13: ffff888108a38858 R14: 00007ffd1ae0ac78 R15: ffffc9002e4610c0\n[76613.005303] FS:  00007f80b6f59740(0000) GS:ffff8897e0ec0000(0000) knlGS:0000000000000000\n[76613.013517] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[76613.019349] CR2: ffffc8fc2e461108 CR3: 000000011e3ef001 CR4: 00000000007726f0\n[76613.026595] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[76613.033841] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[76613.041086] PKRU: 55555554\n[76613.043842] Call Trace:\n[76613.046331]  <TASK>\n[76613.048468]  ? __die+0x20/0x60\n[76613.051581]  ? page_fault_oops+0x15a/0x450\n[76613.055747]  ? search_extable+0x22/0x30\n[76613.059649]  ? search_bpf_extables+0x5f/0x80\n[76613.063988]  ? exc_page_fault+0xa9/0x140\n[76613.067975]  ? asm_exc_page_fault+0x22/0x30\n[76613.072229]  ? xsk_map_delete_elem+0x2d/0x60\n[76613.076573]  ? xsk_map_delete_elem+0x23/0x60\n[76613.080914]  __sys_bpf+0x19b7/0x23c0\n[76613.084555]  __x64_sys_bpf+0x1a/0x20\n[76613.088194]  do_syscall_64+0x37/0xb0\n[76613.091832]  entry_SYSCALL_64_after_hwframe+0x4b/0x53\n[76613.096962] RIP: 0033:0x7f80b6d1e88d\n[76613.100592] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 b5 0f 00 f7 d8 64 89 01 48\n[76613.119631] RSP: 002b:00007ffd1ae0ac68 EFLAGS: 00000206 ORIG_RAX: 0000000000000141\n[76613.131330] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f80b6d1e88d\n[76613.142632] RDX: 0000000000000098 RSI: 00007ffd1ae0ad20 RDI: 0000000000000003\n[76613.153967] RBP: 00007ffd1ae0adc0 R08: 0000000000000000 R09: 0000000000000000\n[76613.166030] R10: 00007f80b6f77040 R11: 0000000000000206 R12: 00007ffd1ae0aed8\n[76613.177130] R13: 000055ddf42ce1e9 R14: 000055ddf42d0d98 R15: 00\n---truncated---",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: xsk: fix OOB map writes when deleting elements",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For the Red Hat Enterprise Linux 8/9 to confirm the current state, inspect the sysctl with the command:\n\n    cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 or 2 would mean that unprivileged users can not use eBPF, mitigating the flaw. The difference between the two is a value of 2 means that it can be re-enabled without a reboot, while a value of 1 requires a reboot to take effect.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
          "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
          "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-56614"
        },
        {
          "category": "external",
          "summary": "RHBZ#2334573",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334573"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-56614",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-56614"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56614",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56614"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024122707-CVE-2024-56614-17c4@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024122707-CVE-2024-56614-17c4@gregkh/T"
        }
      ],
      "release_date": "2024-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-07-08T00:13:53+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:10536"
        },
        {
          "category": "workaround",
          "details": "The bug could happen only when XDP sockets and BPF being used. The XDP sockets allows a channel between XDP programs and userspace applications. Even if BPF enabled (by default disabled in Red Hat Enterprise Linux), it requires root privileges to trigger this issue. The mitigation is not using BPF or not using XDP. The link to the example code for the usage of XDP with BPF: https://medium.com/@yunwei356/ebpf-tutorial-by-example-capturing-tcp-information-with-xdp-aef77f42a8e1\n\nOur analysis indicates that while it is out of support scope for this issue, Red Hat Enterprise Linux 8 is also affected. For systems on that version, the same mitigation can be applied. However, in that version, the unprivileged_bpf_disabled sysctl takes only two values: 0 for enabled, 1 for disabled. Unprivileged BPF can be disabled by setting that sysctl in a file, such as in /etc/sysctl.d/",
          "product_ids": [
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: xsk: fix OOB map writes when deleting elements"
    },
    {
      "cve": "CVE-2024-56615",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2024-12-27T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2334493"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix OOB devmap writes when deleting elements\n\nJordy reported issue against XSKMAP which also applies to DEVMAP - the\nindex used for accessing map entry, due to being a signed integer,\ncauses the OOB writes. Fix is simple as changing the type from int to\nu32, however, when compared to XSKMAP case, one more thing needs to be\naddressed.\n\nWhen map is released from system via dev_map_free(), we iterate through\nall of the entries and an iterator variable is also an int, which\nimplies OOB accesses. Again, change it to be u32.\n\nExample splat below:\n\n[  160.724676] BUG: unable to handle page fault for address: ffffc8fc2c001000\n[  160.731662] #PF: supervisor read access in kernel mode\n[  160.736876] #PF: error_code(0x0000) - not-present page\n[  160.742095] PGD 0 P4D 0\n[  160.744678] Oops: Oops: 0000 [#1] PREEMPT SMP\n[  160.749106] CPU: 1 UID: 0 PID: 520 Comm: kworker/u145:12 Not tainted 6.12.0-rc1+ #487\n[  160.757050] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[  160.767642] Workqueue: events_unbound bpf_map_free_deferred\n[  160.773308] RIP: 0010:dev_map_free+0x77/0x170\n[  160.777735] Code: 00 e8 fd 91 ed ff e8 b8 73 ed ff 41 83 7d 18 19 74 6e 41 8b 45 24 49 8b bd f8 00 00 00 31 db 85 c0 74 48 48 63 c3 48 8d 04 c7 <48> 8b 28 48 85 ed 74 30 48 8b 7d 18 48 85 ff 74 05 e8 b3 52 fa ff\n[  160.796777] RSP: 0018:ffffc9000ee1fe38 EFLAGS: 00010202\n[  160.802086] RAX: ffffc8fc2c001000 RBX: 0000000080000000 RCX: 0000000000000024\n[  160.809331] RDX: 0000000000000000 RSI: 0000000000000024 RDI: ffffc9002c001000\n[  160.816576] RBP: 0000000000000000 R08: 0000000000000023 R09: 0000000000000001\n[  160.823823] R10: 0000000000000001 R11: 00000000000ee6b2 R12: dead000000000122\n[  160.831066] R13: ffff88810c928e00 R14: ffff8881002df405 R15: 0000000000000000\n[  160.838310] FS:  0000000000000000(0000) GS:ffff8897e0c40000(0000) knlGS:0000000000000000\n[  160.846528] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  160.852357] CR2: ffffc8fc2c001000 CR3: 0000000005c32006 CR4: 00000000007726f0\n[  160.859604] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[  160.866847] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[  160.874092] PKRU: 55555554\n[  160.876847] Call Trace:\n[  160.879338]  <TASK>\n[  160.881477]  ? __die+0x20/0x60\n[  160.884586]  ? page_fault_oops+0x15a/0x450\n[  160.888746]  ? search_extable+0x22/0x30\n[  160.892647]  ? search_bpf_extables+0x5f/0x80\n[  160.896988]  ? exc_page_fault+0xa9/0x140\n[  160.900973]  ? asm_exc_page_fault+0x22/0x30\n[  160.905232]  ? dev_map_free+0x77/0x170\n[  160.909043]  ? dev_map_free+0x58/0x170\n[  160.912857]  bpf_map_free_deferred+0x51/0x90\n[  160.917196]  process_one_work+0x142/0x370\n[  160.921272]  worker_thread+0x29e/0x3b0\n[  160.925082]  ? rescuer_thread+0x4b0/0x4b0\n[  160.929157]  kthread+0xd4/0x110\n[  160.932355]  ? kthread_park+0x80/0x80\n[  160.936079]  ret_from_fork+0x2d/0x50\n[  160.943396]  ? kthread_park+0x80/0x80\n[  160.950803]  ret_from_fork_asm+0x11/0x20\n[  160.958482]  </TASK>",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: bpf: fix OOB devmap writes when deleting elements",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For the Red Hat Enterprise Linux 8/9 to confirm the current state, inspect the sysctl with the command:\n\n    cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 or 2 would mean that unprivileged users can not use eBPF, mitigating the flaw. The difference between the two is a value of 2 means that it can be re-enabled without a reboot, while a value of 1 requires a reboot to take effect.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
          "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
          "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-56615"
        },
        {
          "category": "external",
          "summary": "RHBZ#2334493",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334493"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-56615",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-56615"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56615",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56615"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024122708-CVE-2024-56615-5148@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024122708-CVE-2024-56615-5148@gregkh/T"
        }
      ],
      "release_date": "2024-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-07-08T00:13:53+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:10536"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: bpf: fix OOB devmap writes when deleting elements"
    },
    {
      "cve": "CVE-2025-22126",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2025-04-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2360236"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in the Linux kernel’s MD (multiple device) subsystem during iteration over the all_mddevs list in functions such as md_notify_reboot() and md_exit(). The code used list_for_each_entry_safe, but released locks before completing reference counting, allowing concurrent deletion and freeing of an mddev entry. This led to a use-after-free when the kernel continued to reference freed mddev structures. A local user with low privileges could trigger this to corrupt memory and cause a denial of service. The issue has been resolved by reworking the iteration logic, introducing proper locking and reference handling (mddev_put_locked()), and switching to list_for_each_entry to avoid unsafe continuation across deletions",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: md: fix mddev uaf while iterating all_mddevs list",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
          "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
          "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
          "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-22126"
        },
        {
          "category": "external",
          "summary": "RHBZ#2360236",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360236"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22126",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22126",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22126"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025041629-CVE-2025-22126-50e3@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025041629-CVE-2025-22126-50e3@gregkh/T"
        }
      ],
      "release_date": "2025-04-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-07-08T00:13:53+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:10536"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.src",
            "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64",
            "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.122.1.rt14.407.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: md: fix mddev uaf while iterating all_mddevs list"
    }
  ]
}