IT security: Linux is vulnerable – IT security warning update for the Linux kernel (risk: medium)

by admin
As the BSI reports, an IT security warning about a known vulnerability in the Linux kernel has received an update. You can read a description of the vulnerability, along with the latest updates and information about affected Linux systems and products, here.

The Federal Office for Information Security (BSI) published an update on May 15, 2024 for a security vulnerability in the Linux kernel that became known on December 10, 2023. The vulnerability affects the Linux operating system and the products Debian Linux, Amazon Linux 2, Red Hat Enterprise Linux, Fedora Linux, Ubuntu Linux, SUSE Linux, Oracle Linux, Open Source Linux Kernel and IBM Security Guardium.

The latest vendor recommendations for updates, workarounds and security patches for this vulnerability can be found here: IBM Security Bulletin 7152469 (as of May 15, 2024). Further useful links are listed later in this article.

Linux Kernel Security Advisory – Risk: medium

Risk level: 3 (medium)
CVSS Base Score: 5.5
CVSS Temporal Score: 4.8
Remote attack: No

The Common Vulnerability Scoring System (CVSS) is used to assess the severity of vulnerabilities in computer systems. The CVSS standard makes it possible to compare potential or actual security risks on the basis of various criteria in order to create a priority list for countermeasures. The attributes “none”, “low”, “medium”, “high” and “critical” are used to describe the severity of a vulnerability. The Base Score evaluates the prerequisites for an attack (including authentication, complexity, privileges, user interaction) and its consequences. The Temporal Score additionally takes into account changes in the risk situation over time. According to the CVSS, the severity of the current vulnerability is rated “medium” with a base score of 5.5.

Linux Kernel Bug: Vulnerability Enables Denial of Service

The kernel is the core of the Linux operating system.

A local attacker can exploit a vulnerability in the Linux kernel to carry out a denial of service attack.

Vulnerabilities are identified by a CVE (Common Vulnerabilities and Exposures) serial number. The current vulnerability is tracked as CVE-2023-6622.

Systems affected by the security vulnerability at a glance

Operating system
Linux

Products
Debian Linux (cpe:/o:debian:debian_linux)
Amazon Linux 2 (cpe:/o:amazon:linux_2)
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
Fedora Linux (cpe:/o:fedoraproject:fedora)
Ubuntu Linux (cpe:/o:canonical:ubuntu_linux)
SUSE Linux (cpe:/o:suse:suse_linux)
Oracle Linux (cpe:/o:oracle:linux)
Open Source Linux Kernel (cpe:/o:linux:linux_kernel)
IBM Security Guardium 12.0 (cpe:/a:ibm:security_guardium)

General recommendations for dealing with IT vulnerabilities

  1. Users of the affected applications should keep them up to date. When security vulnerabilities become known, vendors are required to fix them quickly by developing a patch or workaround. If security patches are available, install them immediately.
  2. For information, see the sources listed in the next section. These often contain further information about the latest version of the software in question and the availability of security patches or performance tips.
  3. If you have any further questions or uncertainties, please contact your responsible administrator. IT security managers should regularly check the listed sources to see whether a new security update is available.

Vendor information about updates, patches and workarounds

Here you will find further links with information about bug reports, security fixes and workarounds.

IBM Security Bulletin 7152469 from 2024-05-15 (15.05.2024)
For more information, see:

Red Hat Security Advisory RHSA-2024:2394 from 2024-04-30 (29.04.2024)
For more information, see:

Ubuntu Security Notice USN-6652-1 from 2024-02-23 (25.02.2024)
For more information, see:

Ubuntu Security Notice USN-6626-3 from 2024-02-16 (15.02.2024)
For more information, see:

Ubuntu Security Notice USN-6639-1 from 2024-02-15 (14.02.2024)
For more information, see:

Ubuntu Security Notice USN-6628-2 from 2024-02-15 (14.02.2024)
For more information, see:

Oracle Linux Security Advisory ELSA-2024-12159 from 2024-02-15 (14.02.2024)
For more information, see:

Ubuntu Security Notice USN-6626-2 from 2024-02-14 (13.02.2024)
For more information, see:

Ubuntu Security Notice USN-6628-1 from 2024-02-09 (08.02.2024)
For more information, see:

Ubuntu Security Notice USN-6626-1 from 2024-02-08 (07.02.2024)
For more information, see:

Ubuntu Security Notice USN-6624-1 from 2024-02-07 (07.02.2024)
For more information, see:

Amazon Linux Security Advisory ALASKERNEL-5.15-2024-035 from 2024-01-23 (22.01.2024)
For more information, see:

SUSE Security Update SUSE-SU-2024:0156-1 from 2024-01-18 (18.01.2024)
For more information, see:

SUSE Security Update SUSE-SU-2024:0141-1 from 2024-01-18 (18.01.2024)
For more information, see:

SUSE Security Update SUSE-SU-2024:0160-1 from 2024-01-18 (18.01.2024)
For more information, see:

SUSE Security Update SUSE-SU-2024:0115-1 from 2024-01-16 (16.01.2024)
For more information, see:

SUSE Security Update SUSE-SU-2024:0129-1 from 2024-01-16 (16.01.2024)
For more information, see:

Amazon Linux Security Advisory ALASKERNEL-5.15-2024-033 from 2024-01-09 (09.01.2024)
For more information, see:

Debian Security Advisory DSA-5593 from 2024-01-01 (01.01.2024)
For more information, see:

Fedora Security Advisory FEDORA-2023-26FFE7D3C7 from 2023-12-14 (13.12.2023)
For more information, see:

Fedora Security Advisory FEDORA-2023-DCEE14345B from 2023-12-14 (13.12.2023)
For more information, see:

Red Hat Customer Portal from 2023-12-10 (10.12.2023)
For more information, see:

Red Hat Bugzilla from 2023-12-10 (10.12.2023)
For more information, see:

Version history of this security alert

This is version 15 of this IT security notice for the Linux kernel. This document will be updated as further updates are announced. You can follow changes or additions in this version history.

December 10, 2023 – First model
12/13/2023 – New updates from Fedora added
01/01/2024 – New updates from Debian added
January 9, 2024 – New updates from Amazon added
01/16/2024 – New updates from SUSE added
01/18/2024 – New updates from SUSE added
01/22/2024 – New updates from Amazon added
02/07/2024 – New updates from Ubuntu added
02/08/2024 – New updates from Ubuntu added
02/13/2024 – New update for Ubuntu added
02/14/2024 – Added new updates for Oracle Linux and Ubuntu
02/15/2024 – New update for Ubuntu added
02/25/2024 – New update for Ubuntu added
April 29, 2024 – New updates from Red Hat have been added
May 15, 2024 – New updates from IBM added

+++ Editorial note: This document is based on current BSI data and will be updated in a data-driven manner depending on the status of the alert. We welcome feedback and comments at [email protected]. +++

kns/roj/news.de
