Home » Linux kernel is weak: vulnerability allows denial of service
Technology

Linux kernel is weak: vulnerability allows denial of service

by admin
Linux kernel is weak: vulnerability allows denial of service

An IT safety alert replace for a identified vulnerability has been issued for the Linux kernel. You can examine which working methods and merchandise are affected by the safety hole right here at information.de.

Federal workplace for Security in Information Technology (BSI) revealed an replace on May 23, 2024 for a Linux kernel safety vulnerability identified on November 5, 2023. The safety vulnerability impacts the Linux working system and merchandise Debian Linux, Ubuntu Linux, SUSE Linux, EMC Avamar , Open Source Linux Kernel and Dell NetWorker.

The newest producer suggestions for updates, workarounds and safety patches for this vulnerability will be discovered right here: Ubuntu Security Notice USN-6777-4 (From 23 May 2024). Some helpful assets are listed later on this article.

Linux Kernel Security Advisory – Risk: medium

Risk degree: 3 (average)
CVSS Base Score: 4.3
CVSS interim rating: 4.0
Remote assault: No

The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop methods. The CVSS commonplace makes it attainable to check potential or precise safety dangers based mostly on numerous standards with a purpose to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of the vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, person interplay) and its outcomes. For momentary impact, body situations which will change over time are thought-about within the check. The severity of the present vulnerability is assessed as “average” in line with the CVSS with a base rating of 4.3.

See also  Report: Indiana Jones launches this year - Sina Hong Kong

Linux Kernel Bug: Vulnerability Enables Denial of Service

The kernel represents the core of the Linux working system.

An attacker at shut vary might exploit a vulnerability within the Linux kernel to carry out a denial of service assault.

Vulnerabilities are recognized by a CVE (Common Vulnerabilities and Exposures) serial quantity. CVE-2023-47233 on the market.

Systems affected by the safety hole at a look

working system
Linux

Products
Debian Linux (cpe:/o:debian:debian_linux)
Ubuntu Linux (cpe:/o:canonical:ubuntu_linux)
SUSE Linux (cpe:/o:use:suse_linux)
EMC Avamar (cpe:/a:emc:avamar)
Open Source Linux Kernel Dell NetWorker digital (cpe:/a:dell:networker)

General steps for coping with IT vulnerabilities

  1. Users of affected methods ought to keep up-to-date. When safety holes are identified, producers are required to repair them shortly by creating a patch or workaround. When new safety updates can be found, set up them instantly.
  2. For info, see the sources listed within the subsequent part. This usually comprises further details about the most recent model of the software program in query and the provision of safety patches or efficiency suggestions.
  3. If you’ve gotten any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to verify each time a producing firm makes a brand new safety replace out there.

Manufacturer details about updates, patches and workarounds

Here you’ll discover some hyperlinks with details about bug reviews, safety fixes and workarounds.

Ubuntu Security Notice USN-6777-4 vom 2024-05-23 (23.05.2024)
For extra info, see:

Ubuntu Security Notice USN-6775-2 vom 2024-05-22 (21.05.2024)
For extra info, see:

Ubuntu Security Notice USN-6777-3 vom 2024-05-22 (21.05.2024)
For extra info, see:

Ubuntu Security Notice USN-6777-2 vom 2024-05-20 (20.05.2024)
For extra info, see:

See also  E-car manufacturer Lucid lays off 1,300 employees

Ubuntu Security Notice USN-6778-1 vom 2024-05-16 (16.05.2024)
For extra info, see:

Ubuntu Security Notice USN-6775-1 vom 2024-05-16 (16.05.2024)
For extra info, see:

Ubuntu Security Notice USN-6776-1 vom 2024-05-16 (16.05.2024)
For extra info, see:

Ubuntu Security Notice USN-6774-1 vom 2024-05-16 (16.05.2024)
For extra info, see:

Ubuntu Security Notice USN-6777-1 vom 2024-05-16 (16.05.2024)
For extra info, see:

Dell Security Advisory DSA-2024-198 vom 2024-05-08 (07.05.2024)
For extra info, see:

Debian Security Advisory DSA-5681 vom 2024-05-06 (06.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0483-1 vom 2024-02-15 (15.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0484-1 vom 2024-02-15 (15.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0478-1 vom 2024-02-15 (15.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0514-1 vom 2024-02-15 (15.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0516-1 vom 2024-02-15 (15.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0515-1 vom 2024-02-15 (15.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0474-1 vom 2024-02-14 (14.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0463-1 vom 2024-02-14 (14.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0468-1 vom 2024-02-14 (14.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0469-1 vom 2024-02-14 (14.02.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:0476-1 vom 2024-02-14 (14.02.2024)
For extra info, see:

National Vulnerability Database vom 2023-11-05 (05.11.2023)
For extra info, see:

GitHub Advisory Database vom 2023-11-05 (05.11.2023)
For extra info, see:

Version historical past of this safety alert

This is model 9 of this IT safety discover for the Linux kernel. This doc can be up to date as extra updates are introduced. You can examine modifications or additions on this model historical past.

See also  Habeck: Coal-fired power plants can be switched off

November 5, 2023 – First model
02/14/2024 – New updates from SUSE added
02/15/2024 – New updates from SUSE added
05/06/2024 – New updates from Debian added
May 7, 2024 – New updates from Dell added
May 16, 2024 – Added new persona updates
May 20, 2024 – Added new persona updates
May 21, 2024 – Added new updates for Ubuntu
May 23, 2024 – Added new updates for Ubuntu

+++ Editorial observe: This doc relies on present BSI knowledge and can be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

comply with News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here you’ll discover scorching information, present movies and a direct line to the editorial crew.

kns/roj/information.de

You may also like

Apache CXF: Vulnerability permits safety measures to be...

Hoover HG4, overview: a cleansing robotic that prices...

AMD Ryzen AI 300 GPU has robust efficiency...

IT safety: Vulnerable Linux, MacOS X and Windows...

“Starry Sky” gamers handed 14 million, Todd confirmed...

Square Enix Producer: “We’d Like” To Release Final...

Linux kernel is susceptible: vulnerability permits denial of...

“Monster Hunter NOW” releases a brand new alloy...

IT Security: Threats to Linux and UNIX –...

The new work of the “Shovel Knight” staff...

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy