CVE-2024-35833 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA This dma_alloc_coherent() is undone neither in the remove function, nor in the error handling path of fsl_qdma_probe(). Switch to the managed version to fix both issues.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3
https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24
https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8
https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59
https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714
https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6
https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024051731-CVE-2024-35833-0b1b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-35833
https://www.cve.org/CVERecord?id=CVE-2024-35833

History

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Tue, 05 Nov 2024 10:45:00 +0000

Type	Values Removed	Values Added
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Tue, 29 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-17T13:48:24.319Z

Updated: 2024-12-19T08:56:06.452Z

Reserved: 2024-05-17T12:19:12.349Z

Link: CVE-2024-35833

Vulnrichment

Updated: 2024-08-02T03:21:48.443Z

NVD

Status : Awaiting Analysis

Published: 2024-05-17T14:15:19.930

Modified: 2024-11-21T09:21:00.180

Link: CVE-2024-35833

Redhat

Severity : Moderate

Publid Date: 2024-05-17T00:00:00Z

Links: CVE-2024-35833 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35833", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T12:19:12.349Z", "datePublished": "2024-05-17T13:48:24.319Z", "dateUpdated": "2024-12-19T08:56:06.452Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:56:06.452Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA\n\nThis dma_alloc_coherent() is undone neither in the remove function, nor in\nthe error handling path of fsl_qdma_probe().\n\nSwitch to the managed version to fix both issues."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/fsl-qdma.c"], "versions": [{"version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "ae6769ba51417c1c86fb645812d5bff455eee802", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "15eb996d7d13cb72a16389231945ada8f0fef2c3", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "198270de9d8eb3b5d5f030825ea303ef95285d24", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "3aa58cb51318e329d203857f7a191678e60bb714", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/fsl-qdma.c"], "versions": [{"version": "5.1", "status": "affected"}, {"version": "0", "lessThan": "5.1", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.269", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.210", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.149", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.78", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.17", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.5", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8"}, {"url": "https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802"}, {"url": "https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3"}, {"url": "https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59"}, {"url": "https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6"}, {"url": "https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24"}, {"url": "https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714"}], "title": "dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-05-31T18:42:15.309549Z", "id": "CVE-2024-35833", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-29T19:28:55.561Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:48.443Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:48.443Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-35833", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-31T18:42:15.309549Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-31T18:42:22.577Z"}}], "cna": {"title": "dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "ae6769ba51417c1c86fb645812d5bff455eee802", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "15eb996d7d13cb72a16389231945ada8f0fef2c3", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "198270de9d8eb3b5d5f030825ea303ef95285d24", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa09829a6404424ce167bf3ce3235e2", "lessThan": "3aa58cb51318e329d203857f7a191678e60bb714", "versionType": "git"}], "programFiles": ["drivers/dma/fsl-qdma.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.1"}, {"status": "unaffected", "version": "0", "lessThan": "5.1", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.269", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.210", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.149", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.78", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.17", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.5", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/dma/fsl-qdma.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8"}, {"url": "https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802"}, {"url": "https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3"}, {"url": "https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59"}, {"url": "https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6"}, {"url": "https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24"}, {"url": "https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA\n\nThis dma_alloc_coherent() is undone neither in the remove function, nor in\nthe error handling path of fsl_qdma_probe().\n\nSwitch to the managed version to fix both issues."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:56:06.452Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35833", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:56:06.452Z", "dateReserved": "2024-05-17T12:19:12.349Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T13:48:24.319Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA\n\nThis dma_alloc_coherent() is undone neither in the remove function, nor in\nthe error handling path of fsl_qdma_probe().\n\nSwitch to the managed version to fix both issues."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: fsl-qdma: corregida una p\u00e9rdida de memoria relacionada con el comando de cola DMA. Este dma_alloc_coherent() no se deshace ni en la funci\u00f3n de eliminaci\u00f3n ni en la ruta de manejo de errores de fsl_qdma_probe() . Cambie a la versi\u00f3n administrada para solucionar ambos problemas."}], "id": "CVE-2024-35833", "lastModified": "2024-11-21T09:21:00.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-17T14:15:19.930", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA", "id": "2281169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281169"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA\nThis dma_alloc_coherent() is undone neither in the remove function, nor in\nthe error handling path of fsl_qdma_probe().\nSwitch to the managed version to fix both issues.", "A memory leak flaw was found in the `dmaengine: fsl-qdma` driver in the Linux kernel, which occurs during queue command operations for Direct Memory Access (DMA). This issue could lead to increased memory usage, potentially affecting system performance and stability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35833", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35833\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35833\nhttps://lore.kernel.org/linux-cve-announce/2024051731-CVE-2024-35833-0b1b@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.269, kernel 5.10.210, kernel 5.15.149, kernel 6.1.78, kernel 6.6.17, kernel 6.7.5, kernel 6.8"}