Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for RHOL-5.7-RHEL-8 by Red Hat

    CVE-2024-0565 (GCVE-0-2024-0565)

    Vulnerability from nvd – Published: 2024-01-15 20:02 – Updated: 2025-11-06 19:54
    VLAI
    Title
    Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client
    Summary
    An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-191 - Integer Underflow (Wrap or Wraparound)
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 0 , < 6.7-rc6 (semver)
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.rt7.326.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::nfv
        cpe:/a:redhat:enterprise_linux:8::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:4.18.0-372.95.1.el8_6 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:4.18.0-477.51.1.el8_8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::nfv
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::realtime
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.59.1.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::crb
        cpe:/o:redhat:rhel_eus:9.2::baseos
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.59.1.rt14.344.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::nfv
        cpe:/a:redhat:rhel_eus:9.2::realtime
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-372.95.1.el8_6 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-16 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-7 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-408 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-19 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.0.0-480 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-9 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.4.0-248 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.14.6-215 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-431 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.1.0-228 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.8.1-471 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v2.9.6-15 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-3 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-27 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-12 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-527 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-225 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.28.1-57 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2023-12-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:11:35.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1188",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1188"
              },
              {
                "name": "RHSA-2024:1404",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1404"
              },
              {
                "name": "RHSA-2024:1532",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1532"
              },
              {
                "name": "RHSA-2024:1533",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1533"
              },
              {
                "name": "RHSA-2024:1607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1607"
              },
              {
                "name": "RHSA-2024:1614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1614"
              },
              {
                "name": "RHSA-2024:2093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2093"
              },
              {
                "name": "RHSA-2024:2394",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2394"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0565"
              },
              {
                "name": "RHBZ#2258518",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258518"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240223-0002/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.spinics.net/lists/stable-commits/msg328851.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0565",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:47:13.024655Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T13:59:38.696Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "versions": [
                {
                  "lessThan": "6.7-rc6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::nfv",
                "cpe:/a:redhat:enterprise_linux:8::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.rt7.326.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.95.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-477.51.1.el8_8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::crb",
                "cpe:/o:redhat:rhel_eus:9.2::baseos",
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.59.1.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::nfv",
                "cpe:/a:redhat:rhel_eus:9.2::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.59.1.rt14.344.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.95.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-16",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-408",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-proxy-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.0.0-480",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/eventrouter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.4.0-248",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/fluentd-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.14.6-215",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/kibana6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-431",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/log-file-metric-exporter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.1.0-228",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-curator5-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.1-471",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-loki-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v2.9.6-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-view-plugin-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-27",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-527",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/opa-openshift-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-225",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/vector-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.28.1-57",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2023-12-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "Integer Underflow (Wrap or Wraparound)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T19:54:35.381Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1188",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1188"
            },
            {
              "name": "RHSA-2024:1404",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1404"
            },
            {
              "name": "RHSA-2024:1532",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1532"
            },
            {
              "name": "RHSA-2024:1533",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1533"
            },
            {
              "name": "RHSA-2024:1607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1607"
            },
            {
              "name": "RHSA-2024:1614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1614"
            },
            {
              "name": "RHSA-2024:2093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2093"
            },
            {
              "name": "RHSA-2024:2394",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2394"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0565"
            },
            {
              "name": "RHBZ#2258518",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258518"
            },
            {
              "url": "https://www.spinics.net/lists/stable-commits/msg328851.html"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-15T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-12-18T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client",
          "workarounds": [
            {
              "lang": "en",
              "value": "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
            }
          ],
          "x_redhatCweChain": "CWE-191: Integer Underflow (Wrap or Wraparound)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0565",
        "datePublished": "2024-01-15T20:02:02.639Z",
        "dateReserved": "2024-01-15T19:19:12.076Z",
        "dateUpdated": "2025-11-06T19:54:35.381Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6546 (GCVE-0-2023-6546)

    Vulnerability from nvd – Published: 2023-12-21 20:01 – Updated: 2026-02-18 17:14
    VLAI
    Title
    Kernel: gsm multiplexing race condition leads to privilege escalation
    Summary
    A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
    CWE
    • CWE-366 - Race Condition within a Thread
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0930 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0937 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1018 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1019 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1055 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1250 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1253 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1306 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1612 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2394 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2697 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4577 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4729 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4731 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4970 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-6546 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2255498 issue-trackingx_refsource_REDHAT
    https://github.com/torvalds/linux/commit/3c4f8333…
    https://www.zerodayinitiative.com/advisories/ZDI-…
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/11/7 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/11/9 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/12/1 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/12/2 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/16/2 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/17/1 x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.rt7.326.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::realtime
        cpe:/a:redhat:enterprise_linux:8::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:4.18.0-193.136.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.134.1.rt7.210.el8_4 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.4::nfv
        cpe:/a:redhat:rhel_tus:8.4::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions     cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:4.18.0-372.93.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support     cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:4.18.0-477.55.1.el8_8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support     cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::realtime
        cpe:/a:redhat:enterprise_linux:9::nfv
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/o:redhat:enterprise_linux:9::baseos
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.2.el9_0 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.1.rt21.165.el9_0 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::realtime
        cpe:/a:redhat:rhel_eus:9.0::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support     cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.55.1.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
        cpe:/a:redhat:rhel_eus:9.2::crb
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.55.1.rt14.340.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::realtime
        cpe:/a:redhat:rhel_eus:9.2::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support     cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-372.93.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-16 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-7 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-408 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-19 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.0.0-480 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-9 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.4.0-248 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.14.6-215 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-431 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.1.0-228 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.8.1-471 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v2.9.6-15 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-3 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-27 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-12 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-527 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-225 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.28.1-57 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2023-12-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:35:14.746Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/10/18"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/10/21"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/11/7"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/11/9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/16/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/17/1"
              },
              {
                "name": "RHSA-2024:0930",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0930"
              },
              {
                "name": "RHSA-2024:0937",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0937"
              },
              {
                "name": "RHSA-2024:1018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1018"
              },
              {
                "name": "RHSA-2024:1019",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1019"
              },
              {
                "name": "RHSA-2024:1055",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1055"
              },
              {
                "name": "RHSA-2024:1250",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1250"
              },
              {
                "name": "RHSA-2024:1253",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1253"
              },
              {
                "name": "RHSA-2024:1306",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1306"
              },
              {
                "name": "RHSA-2024:1607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1607"
              },
              {
                "name": "RHSA-2024:1612",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1612"
              },
              {
                "name": "RHSA-2024:1614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1614"
              },
              {
                "name": "RHSA-2024:2093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2093"
              },
              {
                "name": "RHSA-2024:2394",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2394"
              },
              {
                "name": "RHSA-2024:2621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2621"
              },
              {
                "name": "RHSA-2024:2697",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2697"
              },
              {
                "name": "RHSA-2024:4577",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:4577"
              },
              {
                "name": "RHSA-2024:4729",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:4729"
              },
              {
                "name": "RHSA-2024:4731",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:4731"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-6546"
              },
              {
                "name": "RHBZ#2255498",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::realtime",
                "cpe:/a:redhat:enterprise_linux:8::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.rt7.326.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.136.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.4::nfv",
                "cpe:/a:redhat:rhel_tus:8.4::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.rt7.210.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.93.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-477.55.1.el8_8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.2.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::realtime",
                "cpe:/a:redhat:rhel_eus:9.0::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.1.rt21.165.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream",
                "cpe:/a:redhat:rhel_eus:9.2::crb",
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.55.1.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::realtime",
                "cpe:/a:redhat:rhel_eus:9.2::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.55.1.rt14.340.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.93.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-16",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-408",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-proxy-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.0.0-480",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/eventrouter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.4.0-248",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/fluentd-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.14.6-215",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/kibana6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-431",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/log-file-metric-exporter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.1.0-228",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-curator5-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.1-471",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-loki-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v2.9.6-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-view-plugin-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-27",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-527",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/opa-openshift-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-225",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/vector-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.28.1-57",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2023-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-366",
                  "description": "Race Condition within a Thread",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-18T17:14:39.905Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0930",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0930"
            },
            {
              "name": "RHSA-2024:0937",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0937"
            },
            {
              "name": "RHSA-2024:1018",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1018"
            },
            {
              "name": "RHSA-2024:1019",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1019"
            },
            {
              "name": "RHSA-2024:1055",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1055"
            },
            {
              "name": "RHSA-2024:1250",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1250"
            },
            {
              "name": "RHSA-2024:1253",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1253"
            },
            {
              "name": "RHSA-2024:1306",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1306"
            },
            {
              "name": "RHSA-2024:1607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1607"
            },
            {
              "name": "RHSA-2024:1612",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1612"
            },
            {
              "name": "RHSA-2024:1614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1614"
            },
            {
              "name": "RHSA-2024:2093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2093"
            },
            {
              "name": "RHSA-2024:2394",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2394"
            },
            {
              "name": "RHSA-2024:2621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2621"
            },
            {
              "name": "RHSA-2024:2697",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2697"
            },
            {
              "name": "RHSA-2024:4577",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4577"
            },
            {
              "name": "RHSA-2024:4729",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4729"
            },
            {
              "name": "RHSA-2024:4731",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4731"
            },
            {
              "name": "RHSA-2024:4970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4970"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-6546"
            },
            {
              "name": "RHBZ#2255498",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"
            },
            {
              "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-12-18T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-12-21T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Kernel: gsm multiplexing race condition leads to privilege escalation",
          "workarounds": [
            {
              "lang": "en",
              "value": "This flaw can be mitigated by preventing the affected `n_gsm` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-366: Race Condition within a Thread"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-6546",
        "datePublished": "2023-12-21T20:01:03.217Z",
        "dateReserved": "2023-12-06T07:11:48.937Z",
        "dateUpdated": "2026-02-18T17:14:39.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4456 (GCVE-0-2023-4456)

    Vulnerability from nvd – Published: 2023-08-21 15:19 – Updated: 2025-11-20 18:27
    VLAI
    Title
    Openshift-logging: lokistack authorisation is cached too broadly
    Summary
    A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1220 - Insufficient Granularity of Access Control
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:4933 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5095 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5096 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-4456 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2233087 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat RHOL-5.5-RHEL-8 Unaffected: v0.1.0-327 , < * (rpm)
        cpe:/a:redhat:logging:5.5::el8
    Create a notification for this product.
    Red Hat RHOL-5.6-RHEL-8 Unaffected: v0.1.0-326 , < * (rpm)
        cpe:/a:redhat:logging:5.6::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-325 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Date Public
    2023-08-21 00:00
    Credits
    This issue was discovered by Robert Jacob (Red Hat).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4456",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-26T20:04:56.956783Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:27:25.132Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:31:05.461Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:4933",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:4933"
              },
              {
                "name": "RHSA-2023:5095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5095"
              },
              {
                "name": "RHSA-2023:5096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5096"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-4456"
              },
              {
                "name": "RHBZ#2233087",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233087"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.5-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-327",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.6-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-326",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-325",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered by Robert Jacob (Red Hat)."
            }
          ],
          "datePublic": "2023-08-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1220",
                  "description": "Insufficient Granularity of Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T18:27:42.202Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:4933",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:4933"
            },
            {
              "name": "RHSA-2023:5095",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5095"
            },
            {
              "name": "RHSA-2023:5096",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5096"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-4456"
            },
            {
              "name": "RHBZ#2233087",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233087"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-08-21T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-08-21T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Openshift-logging: lokistack authorisation is cached too broadly",
          "x_redhatCweChain": "CWE-1220: Insufficient Granularity of Access Control"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-4456",
        "datePublished": "2023-08-21T15:19:22.208Z",
        "dateReserved": "2023-08-21T11:46:25.407Z",
        "dateUpdated": "2025-11-20T18:27:42.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0565 (GCVE-0-2024-0565)

    Vulnerability from cvelistv5 – Published: 2024-01-15 20:02 – Updated: 2025-11-06 19:54
    VLAI
    Title
    Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client
    Summary
    An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-191 - Integer Underflow (Wrap or Wraparound)
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 0 , < 6.7-rc6 (semver)
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.rt7.326.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::nfv
        cpe:/a:redhat:enterprise_linux:8::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:4.18.0-372.95.1.el8_6 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:4.18.0-477.51.1.el8_8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::nfv
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::realtime
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.59.1.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::crb
        cpe:/o:redhat:rhel_eus:9.2::baseos
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.59.1.rt14.344.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::nfv
        cpe:/a:redhat:rhel_eus:9.2::realtime
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-372.95.1.el8_6 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-16 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-7 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-408 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-19 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.0.0-480 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-9 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.4.0-248 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.14.6-215 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-431 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.1.0-228 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.8.1-471 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v2.9.6-15 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-3 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-27 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-12 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-527 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-225 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.28.1-57 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2023-12-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:11:35.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1188",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1188"
              },
              {
                "name": "RHSA-2024:1404",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1404"
              },
              {
                "name": "RHSA-2024:1532",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1532"
              },
              {
                "name": "RHSA-2024:1533",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1533"
              },
              {
                "name": "RHSA-2024:1607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1607"
              },
              {
                "name": "RHSA-2024:1614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1614"
              },
              {
                "name": "RHSA-2024:2093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2093"
              },
              {
                "name": "RHSA-2024:2394",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2394"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0565"
              },
              {
                "name": "RHBZ#2258518",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258518"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240223-0002/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.spinics.net/lists/stable-commits/msg328851.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0565",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:47:13.024655Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T13:59:38.696Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "versions": [
                {
                  "lessThan": "6.7-rc6",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::nfv",
                "cpe:/a:redhat:enterprise_linux:8::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.rt7.326.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.95.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-477.51.1.el8_8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::crb",
                "cpe:/o:redhat:rhel_eus:9.2::baseos",
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.59.1.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::nfv",
                "cpe:/a:redhat:rhel_eus:9.2::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.59.1.rt14.344.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.95.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-16",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-408",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-proxy-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.0.0-480",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/eventrouter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.4.0-248",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/fluentd-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.14.6-215",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/kibana6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-431",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/log-file-metric-exporter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.1.0-228",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-curator5-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.1-471",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-loki-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v2.9.6-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-view-plugin-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-27",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-527",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/opa-openshift-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-225",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/vector-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.28.1-57",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2023-12-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "Integer Underflow (Wrap or Wraparound)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T19:54:35.381Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1188",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1188"
            },
            {
              "name": "RHSA-2024:1404",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1404"
            },
            {
              "name": "RHSA-2024:1532",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1532"
            },
            {
              "name": "RHSA-2024:1533",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1533"
            },
            {
              "name": "RHSA-2024:1607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1607"
            },
            {
              "name": "RHSA-2024:1614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1614"
            },
            {
              "name": "RHSA-2024:2093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2093"
            },
            {
              "name": "RHSA-2024:2394",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2394"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0565"
            },
            {
              "name": "RHBZ#2258518",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258518"
            },
            {
              "url": "https://www.spinics.net/lists/stable-commits/msg328851.html"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-15T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-12-18T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client",
          "workarounds": [
            {
              "lang": "en",
              "value": "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
            }
          ],
          "x_redhatCweChain": "CWE-191: Integer Underflow (Wrap or Wraparound)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0565",
        "datePublished": "2024-01-15T20:02:02.639Z",
        "dateReserved": "2024-01-15T19:19:12.076Z",
        "dateUpdated": "2025-11-06T19:54:35.381Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6546 (GCVE-0-2023-6546)

    Vulnerability from cvelistv5 – Published: 2023-12-21 20:01 – Updated: 2026-02-18 17:14
    VLAI
    Title
    Kernel: gsm multiplexing race condition leads to privilege escalation
    Summary
    A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
    CWE
    • CWE-366 - Race Condition within a Thread
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0930 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0937 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1018 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1019 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1055 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1250 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1253 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1306 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1612 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2394 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2697 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4577 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4729 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4731 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:4970 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-6546 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2255498 issue-trackingx_refsource_REDHAT
    https://github.com/torvalds/linux/commit/3c4f8333…
    https://www.zerodayinitiative.com/advisories/ZDI-…
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/11/7 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/11/9 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/12/1 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/12/2 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/16/2 x_transferred
    http://www.openwall.com/lists/oss-security/2024/04/17/1 x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.rt7.326.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::realtime
        cpe:/a:redhat:enterprise_linux:8::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.24.1.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:4.18.0-193.136.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.134.1.rt7.210.el8_4 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.4::nfv
        cpe:/a:redhat:rhel_tus:8.4::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions     cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:4.18.0-372.93.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support     cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:4.18.0-477.55.1.el8_8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support     cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::realtime
        cpe:/a:redhat:enterprise_linux:9::nfv
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/o:redhat:enterprise_linux:9::baseos
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.2.el9_0 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.1.rt21.165.el9_0 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::realtime
        cpe:/a:redhat:rhel_eus:9.0::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support     cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.55.1.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
        cpe:/a:redhat:rhel_eus:9.2::crb
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.55.1.rt14.340.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::realtime
        cpe:/a:redhat:rhel_eus:9.2::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support     cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-372.93.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-16 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-7 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-408 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-19 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.0.0-480 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-9 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.4.0-248 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.14.6-215 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v6.8.1-431 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v1.1.0-228 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.8.1-471 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v2.9.6-15 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-3 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-27 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v5.7.13-12 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-527 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-225 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.28.1-57 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2023-12-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:35:14.746Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/10/18"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/10/21"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/11/7"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/11/9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/16/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/17/1"
              },
              {
                "name": "RHSA-2024:0930",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0930"
              },
              {
                "name": "RHSA-2024:0937",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0937"
              },
              {
                "name": "RHSA-2024:1018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1018"
              },
              {
                "name": "RHSA-2024:1019",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1019"
              },
              {
                "name": "RHSA-2024:1055",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1055"
              },
              {
                "name": "RHSA-2024:1250",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1250"
              },
              {
                "name": "RHSA-2024:1253",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1253"
              },
              {
                "name": "RHSA-2024:1306",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1306"
              },
              {
                "name": "RHSA-2024:1607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1607"
              },
              {
                "name": "RHSA-2024:1612",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1612"
              },
              {
                "name": "RHSA-2024:1614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1614"
              },
              {
                "name": "RHSA-2024:2093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2093"
              },
              {
                "name": "RHSA-2024:2394",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2394"
              },
              {
                "name": "RHSA-2024:2621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2621"
              },
              {
                "name": "RHSA-2024:2697",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2697"
              },
              {
                "name": "RHSA-2024:4577",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:4577"
              },
              {
                "name": "RHSA-2024:4729",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:4729"
              },
              {
                "name": "RHSA-2024:4731",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:4731"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-6546"
              },
              {
                "name": "RHBZ#2255498",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::realtime",
                "cpe:/a:redhat:enterprise_linux:8::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.rt7.326.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.24.1.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.136.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.4::nfv",
                "cpe:/a:redhat:rhel_tus:8.4::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.rt7.210.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.134.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.93.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-477.55.1.el8_8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-427.13.1.el9_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.2.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::realtime",
                "cpe:/a:redhat:rhel_eus:9.0::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.1.rt21.165.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream",
                "cpe:/a:redhat:rhel_eus:9.2::crb",
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.55.1.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::realtime",
                "cpe:/a:redhat:rhel_eus:9.2::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.55.1.rt14.340.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.93.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-16",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-408",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-proxy-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.0.0-480",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/eventrouter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.4.0-248",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/fluentd-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.14.6-215",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/kibana6-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-431",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/log-file-metric-exporter-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.1.0-228",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-curator5-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.1-471",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-loki-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v2.9.6-15",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-view-plugin-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-operator-bundle",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-27",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-rhel8-operator",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.7.13-12",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-527",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/opa-openshift-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-225",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/vector-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.28.1-57",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2023-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-366",
                  "description": "Race Condition within a Thread",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-18T17:14:39.905Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0930",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0930"
            },
            {
              "name": "RHSA-2024:0937",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0937"
            },
            {
              "name": "RHSA-2024:1018",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1018"
            },
            {
              "name": "RHSA-2024:1019",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1019"
            },
            {
              "name": "RHSA-2024:1055",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1055"
            },
            {
              "name": "RHSA-2024:1250",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1250"
            },
            {
              "name": "RHSA-2024:1253",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1253"
            },
            {
              "name": "RHSA-2024:1306",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1306"
            },
            {
              "name": "RHSA-2024:1607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1607"
            },
            {
              "name": "RHSA-2024:1612",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1612"
            },
            {
              "name": "RHSA-2024:1614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1614"
            },
            {
              "name": "RHSA-2024:2093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2093"
            },
            {
              "name": "RHSA-2024:2394",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2394"
            },
            {
              "name": "RHSA-2024:2621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2621"
            },
            {
              "name": "RHSA-2024:2697",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2697"
            },
            {
              "name": "RHSA-2024:4577",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4577"
            },
            {
              "name": "RHSA-2024:4729",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4729"
            },
            {
              "name": "RHSA-2024:4731",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4731"
            },
            {
              "name": "RHSA-2024:4970",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:4970"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-6546"
            },
            {
              "name": "RHBZ#2255498",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"
            },
            {
              "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-12-18T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-12-21T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Kernel: gsm multiplexing race condition leads to privilege escalation",
          "workarounds": [
            {
              "lang": "en",
              "value": "This flaw can be mitigated by preventing the affected `n_gsm` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-366: Race Condition within a Thread"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-6546",
        "datePublished": "2023-12-21T20:01:03.217Z",
        "dateReserved": "2023-12-06T07:11:48.937Z",
        "dateUpdated": "2026-02-18T17:14:39.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4456 (GCVE-0-2023-4456)

    Vulnerability from cvelistv5 – Published: 2023-08-21 15:19 – Updated: 2025-11-20 18:27
    VLAI
    Title
    Openshift-logging: lokistack authorisation is cached too broadly
    Summary
    A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1220 - Insufficient Granularity of Access Control
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:4933 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5095 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5096 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-4456 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2233087 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat RHOL-5.5-RHEL-8 Unaffected: v0.1.0-327 , < * (rpm)
        cpe:/a:redhat:logging:5.5::el8
    Create a notification for this product.
    Red Hat RHOL-5.6-RHEL-8 Unaffected: v0.1.0-326 , < * (rpm)
        cpe:/a:redhat:logging:5.6::el8
    Create a notification for this product.
    Red Hat RHOL-5.7-RHEL-8 Unaffected: v0.1.0-325 , < * (rpm)
        cpe:/a:redhat:logging:5.7::el8
    Create a notification for this product.
    Date Public
    2023-08-21 00:00
    Credits
    This issue was discovered by Robert Jacob (Red Hat).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4456",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-26T20:04:56.956783Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:27:25.132Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:31:05.461Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2023:4933",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:4933"
              },
              {
                "name": "RHSA-2023:5095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5095"
              },
              {
                "name": "RHSA-2023:5096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5096"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-4456"
              },
              {
                "name": "RHBZ#2233087",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233087"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.5::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.5-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-327",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.6::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.6-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-326",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.7::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel8",
              "product": "RHOL-5.7-RHEL-8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-325",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "This issue was discovered by Robert Jacob (Red Hat)."
            }
          ],
          "datePublic": "2023-08-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1220",
                  "description": "Insufficient Granularity of Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T18:27:42.202Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:4933",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:4933"
            },
            {
              "name": "RHSA-2023:5095",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5095"
            },
            {
              "name": "RHSA-2023:5096",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5096"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-4456"
            },
            {
              "name": "RHBZ#2233087",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233087"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-08-21T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-08-21T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Openshift-logging: lokistack authorisation is cached too broadly",
          "x_redhatCweChain": "CWE-1220: Insufficient Granularity of Access Control"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-4456",
        "datePublished": "2023-08-21T15:19:22.208Z",
        "dateReserved": "2023-08-21T11:46:25.407Z",
        "dateUpdated": "2025-11-20T18:27:42.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }