Home » IT Security: Threats to Linux – IT safety alert replace for Red Hat OpenShift (vulnerability: medium)

IT Security: Threats to Linux – IT safety alert replace for Red Hat OpenShift (vulnerability: medium)

by admin
IT Security: Threats to Linux – IT safety alert replace for Red Hat OpenShift (vulnerability: medium)

The safety alert issued for Red Hat OpenShift has acquired an replace from BSI. You can examine which merchandise are affected by safety holes right here at information.de.

Federal workplace for Security in Information Technology (BSI) has issued an replace on June 2, 2024 to a high-risk safety gap in Red Hat OpenShift identified on April 22, 2024. The safety vulnerability impacts the Linux working system and Red Hat Enterprise Linux merchandise, the Oracle Linux and Red Hat OpenShift.

The newest producer suggestions for updates, workarounds and safety patches for this vulnerability might be discovered right here: Oracle Linux Security Advisory ELSA-2024-3254 (As of June 1, 2024). Some helpful hyperlinks are listed later on this article.

Multiple vulnerabilities for Red Hat OpenShift – Risk: reasonable

Risk stage: 3 (reasonable)
CVSS Base Score: 6.5
CVSS provisional rating: 5,7
Remote management: Ja

The Common Vulnerability Scoring System (CVSS) is used to evaluate the vulnerability of pc techniques. The CVSS customary makes it doable to match potential or precise safety dangers primarily based on varied standards so as to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. For short-term impact, body situations that will change over time are thought of within the check. According to CVSS, the chance of the vulnerability talked about right here is rated as “reasonable” with 6.5 foundation factors.

See also  Nintendo Reminds Switch Users to Avoid Damaging the Game Card Slot

Red Hat OpenShift Bug: Description of the assault

Red Hat OpenShift is a “Platform as a Service” (PaaS) answer for delivering purposes within the cloud.

An approved distant attacker might exploit a number of vulnerabilities in Red Hat OpenShift to trigger a denial of service or expose delicate info.

Vulnerabilities are recognized by distinctive CVE (Common Vulnerabilities and Exposures) numbers. CVE-2024-28180 and CVE-2024-28849 on the market.

Systems affected by the safety hole at a look

working system
Linux

Products
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
Oracle Linux (cpe:/o:oracle:linux)
Red Hat Platform OpenShift Container Service Red Hat OpenShift Container Platform Red Hat Red Hat OpenShift Container Platform Red Hat OpenShift Container Platform Red Hat Platform OpenShift Container Platform Red Hat OpenShift Platform Container

Common steps to handle IT safety gaps

  1. Users of affected techniques ought to keep up-to-date. When safety holes are identified, producers are required to repair them shortly by growing a patch or workaround. When new safety updates can be found, set up them instantly.
  2. For info, see the sources listed within the subsequent part. This usually incorporates further details about the most recent model of the software program in query and the provision of safety patches or efficiency ideas.
  3. If you might have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to often test if IT safety alert Affected producers present a brand new safety replace.

Sources for updates, patches and workarounds

Here one can find some hyperlinks with details about bug experiences, safety fixes and workarounds.

Oracle Linux Security Advisory ELSA-2024-3254 vom 2024-06-01 (02.06.2024)
For extra info, see:

See also  Vulnerable Dell BIOS: safety warning! Many IT vulnerabilities have been reported

Red Hat Security Advisory RHSA-2024:3327 vom 2024-05-29 (30.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:3349 vom 2024-05-30 (30.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:3349 vom 2024-05-30 (30.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2877 vom 2024-05-23 (23.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2869 vom 2024-05-23 (22.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:3254 vom 2024-05-22 (21.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2865 vom 2024-05-21 (20.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2784 vom 2024-05-16 (16.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2773 vom 2024-05-15 (15.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2776 vom 2024-05-15 (15.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2672 vom 2024-05-09 (09.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2669 vom 2024-05-09 (09.05.2024)
For extra info, see:

Oracle Linux Security Advisory ELSA-2024-2549 vom 2024-05-07 (07.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2071 vom 2024-05-02 (02.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2054 vom 2024-05-02 (02.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2047 vom 2024-05-02 (02.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2549 vom 2024-04-30 (01.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2639 vom 2024-05-01 (01.05.2024)
For extra info, see:

Red Hat Bugzilla – Bug 2269576 (22.04.2024)
For extra info, see:

Red Hat Bugzilla – Bug 2268854 (22.04.2024)
For extra info, see:

Red Hat Security Advisory vom 2024-04-22 (22.04.2024)
For extra info, see:

Version historical past of this safety alert

This is model 13 of this Red Hat OpenShift IT safety advisory. This doc might be up to date as extra updates are introduced. You can see the adjustments made utilizing the model historical past under.

See also  Built on HarmonyOS!Overseas versions of HUAWEI P60 and Mate X3 will be preloaded with EMUI 13.1 system

April 22, 2024 – First model
May 1, 2024 – New updates from Red Hat added
May 2, 2024 – New updates from Red Hat added
May 7, 2024 – New Oracle Linux updates added
May 9, 2024 – New updates from Red Hat have been added
May 15, 2024 – New updates from Red Hat have been added
May 16, 2024 – New updates from Red Hat have been added
May 20, 2024 – New updates from Red Hat have been added
May 21, 2024 – New updates from Red Hat added
05/22/2024 – New updates from Red Hat have been added
May 23, 2024 – New updates from Red Hat have been added
May 30, 2024 – New updates from Red Hat have been added
June 2, 2024 – New Oracle Linux updates added

+++ Editorial observe: This doc relies on present BSI information and might be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

comply with News.de you’re right here Facebook, Twitter, Pinterest once more YouTube? Here one can find scorching information, present movies and a direct line to the editorial workforce.

kns/roj/information.de

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy