As BSI stories, an IT safety warning a few recognized vulnerability within the Linux kernel (bluetooth) has obtained an replace. You can learn the way affected customers ought to behave right here.
Federal Office for Security in Information Technology (BSI) has issued an replace on May 21, 2024 to a safety vulnerability within the Linux kernel (bluetooth) recognized on January 4, 2024. The safety vulnerability impacts the Linux working system and merchandise Red Hat Enterprise Linux, Ubuntu Linux, SUSE Linux , EMC Avamar, Open Source Linux Kernel, IGEL OS and Dell NetWorker.
The newest producer suggestions for updates, workarounds and safety patches for this vulnerability may be discovered right here: Red Hat Security Advisory RHSA-2024:3138 (From 22 May 2024). Some helpful hyperlinks are listed later on this article.
Security discover for Linux kernel (bluetooth) – danger: medium
Risk stage: 5 (average)
CVSS Base Score: 7.8
CVSS provisional rating: 6,8
Remote assault: No
The Common Vulnerability Scoring System (CVSS) is used to evaluate the vulnerability of pc programs. The CVSS commonplace makes it potential to check potential or precise safety dangers based mostly on numerous metrics with a purpose to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of the vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. Temporal scores additionally have in mind modifications over time within the danger state of affairs. According to CVSS, the danger of the present vulnerability is classed as “inner” with 7.8 foundation factors.
Linux kernel bug (bluetooth): vulnerability permits denial of service and code execution
The kernel represents the core of the Linux working system.
A neighborhood attacker may exploit a vulnerability within the Linux kernel to carry out a denial of service assault or execute malicious code.
Vulnerabilities have been labeled utilizing the CVE (Common Vulnerabilities and Exposures) reference system for every serial quantity CVE-2023-51779.
Systems affected by the safety hole at a look
working system
Linux
Products
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
Ubuntu Linux (cpe:/o:canonical:ubuntu_linux)
SUSE Linux (cpe:/o:use:suse_linux)
EMC Avamar (cpe:/a:emc:avamar)
Open Source Linux Kernel IGEL OS Dell NetWorker digital (cpe:/a:dell:networker)
General suggestions for coping with IT vulnerabilities
- Users of affected programs ought to keep up-to-date. When safety holes are recognized, producers are required to repair them rapidly by creating a patch or workaround. When new safety updates can be found, set up them instantly.
- For info, see the sources listed within the subsequent part. This typically incorporates further details about the newest model of the software program in query and the provision of safety patches or efficiency ideas.
- If you’ve gotten any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to often test if IT safety alert Affected producers present a brand new safety replace.
Manufacturer details about updates, patches and workarounds
Here you will see that some hyperlinks with details about bug stories, safety fixes and workarounds.
Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22 (21.05.2024)
For extra info, see:
Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22 (21.05.2024)
For extra info, see:
Dell Security Advisory DSA-2024-198 vom 2024-05-08 (07.05.2024)
For extra info, see:
Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30 (29.04.2024)
For extra info, see:
Ubuntu Security Notice USN-6740-1 vom 2024-04-19 (21.04.2024)
For extra info, see:
Ubuntu Security Notice USN-6739-1 vom 2024-04-19 (21.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1153-1 vom 2024-04-08 (08.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1097-1 vom 2024-04-03 (02.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1063-1 vom 2024-03-29 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1072-1 vom 2024-03-29 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1047-1 vom 2024-03-28 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1039-1 vom 2024-03-28 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1053-1 vom 2024-03-28 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1040-1 vom 2024-03-28 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1045-1 vom 2024-03-28 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1028-1 vom 2024-03-28 (01.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1017-1 vom 2024-03-28 (27.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1023-1 vom 2024-03-28 (27.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1025-1 vom 2024-03-28 (27.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6686-5 vom 2024-03-27 (27.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0991-1 vom 2024-03-26 (26.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0995-1 vom 2024-03-26 (26.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0986-1 vom 2024-03-26 (25.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0989-1 vom 2024-03-26 (25.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6716-1 vom 2024-03-26 (25.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6705-1 vom 2024-03-20 (20.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6686-4 vom 2024-03-20 (20.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6686-3 vom 2024-03-19 (19.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6680-3 vom 2024-03-19 (19.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6681-4 vom 2024-03-19 (19.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6686-2 vom 2024-03-13 (13.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6681-3 vom 2024-03-13 (13.03.2024)
For extra info, see:
IGEL Security Notice ISN-2024-06 vom 2024-03-12 (12.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6681-2 vom 2024-03-11 (11.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6681-2 vom 2024-03-11 (11.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6680-2 vom 2024-03-08 (07.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6686-1 vom 2024-03-08 (07.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6681-1 vom 2024-03-07 (06.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6680-1 vom 2024-03-07 (06.03.2024)
For extra info, see:
Ubuntu Security Notice USN-6606-1 vom 2024-01-25 (25.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0154-1 vom 2024-01-18 (18.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0156-1 vom 2024-01-18 (18.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0141-1 vom 2024-01-18 (18.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0153-1 vom 2024-01-18 (18.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0160-1 vom 2024-01-18 (18.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0112-1 vom 2024-01-17 (17.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0118-1 vom 2024-01-17 (17.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0110-1 vom 2024-01-17 (17.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0113-1 vom 2024-01-17 (17.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0117-1 vom 2024-01-16 (16.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0120-1 vom 2024-01-16 (16.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0129-1 vom 2024-01-16 (16.01.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0115-1 vom 2024-01-16 (16.01.2024)
For extra info, see:
Red Hat bug tracker #2256822 from 2024-01-04 (04.01.2024)
For extra info, see:
Version historical past of this safety alert
This is model 22 of this IT safety discover for Linux kernels (bluetooth). If additional updates are introduced, this doc might be up to date. You can examine modifications or additions on this model historical past.
January 4, 2024 – First model
01/16/2024 – New updates from SUSE added
01/17/2024 – New updates from SUSE added
01/18/2024 – New updates from SUSE added
01/25/2024 – Added new character updates
03/06/2024 – Added new character updates
03/07/2024 – Added new character updates
03/11/2024 – New replace for Ubuntu added
03/12/2024 – New updates from IGEL added
03/13/2024 – Added new character updates
03/19/2024 – Added new character updates
03/20/2024 – Added new character updates
03/25/2024 – Added new character updates
03/26/2024 – New updates from SUSE added
03/27/2024 – Added new updates for Ubuntu
April 1, 2024 – New updates from SUSE added
04/02/2024 – New updates from SUSE added
04/08/2024 – New updates from SUSE added
April 21, 2024 – Added new character updates
April 29, 2024 – New updates from Red Hat have been added
May 7, 2024 – New updates from Dell added
May 21, 2024 – New updates from Red Hat added
+++ Editorial word: This doc is predicated on present BSI information and might be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++
observe News.de you’re right here Facebook, Twitter, Pinterest once more YouTube? Here you will see that scorching information, present movies and a direct line to the editorial crew.
kns/roj/information.de