Home » Linux Kernel: Multiple vulnerabilities enable unspecified assaults

Linux Kernel: Multiple vulnerabilities enable unspecified assaults

by admin
Linux Kernel: Multiple vulnerabilities enable unspecified assaults

An IT safety alert replace for a identified vulnerability has been issued for the Linux kernel. You can learn how affected customers ought to behave right here.

Federal workplace for Security in Information Technology (BSI) printed an replace on June 4, 2024 a couple of safety vulnerability within the Linux kernel identified on March 20, 2024. The safety vulnerability impacts the Linux working system and merchandise Debian Linux, Red Hat Enterprise Linux, Fedora Linux, SUSE Linux, Oracle Linux and Open Source Linux Kernel.

The newest producer suggestions relating to updates, workarounds and safety patches for this vulnerability will be discovered right here: Red Hat Security Advisory RHSA-2024:3618 (As of June 5, 2024). Some helpful hyperlinks are listed later on this article.

Linux Kernel Security Advisory – Risk: medium

Risk stage: 3 (reasonable)
CVSS Base Score: 7.3
CVSS provisional rating: 6,4
Remote management: Ja

The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop programs. The CVSS commonplace makes it doable to match potential or precise safety dangers based mostly on numerous metrics with a purpose to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, person interplay) and its outcomes. For momentary impact, body situations which will change over time are thought-about within the check. According to the CVSS, the danger of the present vulnerability is classed as “inner” with 7.3 foundation factors.

Linux Kernel Bug: Multiple vulnerabilities enable unspecified assaults

The kernel represents the core of the Linux working system.

See also  Discounter sells very special e-bikes cheaper

A distant, unknown attacker can exploit a number of vulnerabilities within the Linux kernel to carry out unspecified assaults.

Vulnerabilities are recognized by distinctive CVE (Common Vulnerabilities and Exposures) product numbers. CVE-2023-52620 and CVE-2024-26642 on the market.

Systems affected by the safety hole at a look

working system
Linux

Products
Debian Linux (cpe:/o:debian:debian_linux)
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
Fedora Linux (cpe:/o:fedoraproject:fedora)
SUSE Linux (cpe:/o:use:suse_linux)
Oracle Linux (cpe:/o:oracle:linux)
Open Source Linux Kernel (cpe:/o:linux:linux_kernel)

General suggestions for addressing IT safety gaps

  1. Users of affected programs ought to keep up-to-date. When safety holes are identified, producers are required to repair them rapidly by growing a patch or workaround. When new safety updates can be found, set up them instantly.
  2. For info, see the sources listed within the subsequent part. This usually comprises further details about the most recent model of the software program in query and the provision of safety patches or efficiency suggestions.
  3. If you’ve got any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to commonly verify if IT safety alert Affected producers present a brand new safety replace.

Manufacturer details about updates, patches and workarounds

Here you’ll find some hyperlinks with details about bug studies, safety fixes and workarounds.

Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05 (04.06.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30 (30.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:3461 vom 2024-05-29 (28.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:3460 vom 2024-05-29 (28.05.2024)
For extra info, see:

Oracle Linux Security Advisory ELSA-2024-3306 vom 2024-05-25 (26.05.2024)
For extra info, see:

See also  The Launch Date and Features of the iPhone 15 Revealed: Smaller Bezels, Improved Camera, and USB-C Port

Red Hat Security Advisory RHSA-2024:3306 vom 2024-05-23 (22.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22 (21.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22 (21.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21 (21.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15 (15.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14 (14.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14 (14.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14 (14.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14 (14.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14 (14.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14 (14.05.2024)
For extra info, see:

Debian Security Advisory DSA-5681 vom 2024-05-06 (06.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1490-1 vom 2024-05-03 (02.05.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1480-1 vom 2024-04-30 (01.05.2024)
For extra info, see:

Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30 (29.04.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1466-1 vom 2024-04-29 (29.04.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1332-1 vom 2024-04-18 (18.04.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1322-2 vom 2024-04-18 (18.04.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1332-2 vom 2024-04-18 (18.04.2024)
For extra info, see:

SUSE Security Update SUSE-SU-2024:1322-1 vom 2024-04-17 (16.04.2024)
For extra info, see:

Fedora Security Advisory FEDORA-2024-7DD4B3B9A4 vom 2024-04-04 (03.04.2024)
For extra info, see:

CVE announcement on lore.kernel.org dated 2024-03-20 (20.03.2024)
For extra info, see:

CVE announcement on lore.kernel.org dated 2024-03-20 (20.03.2024)
For extra info, see:

See also  Boeing boss admits errors for the first time after the emergency landing of the 737 Max 9

Version historical past of this safety alert

This is model 16 of this Linux Kernel IT Security Notice. This doc might be up to date as extra updates are introduced. You can see the adjustments made utilizing the model historical past beneath.

March 20, 2024 – First model
April 3, 2024 – Added new updates from Fedora
April 16, 2024 – New updates from SUSE added
April 18, 2024 – New updates from SUSE added
April 29, 2024 – New updates from SUSE added
May 1, 2024 – New updates from SUSE added
May 2, 2024 – New updates from SUSE added
05/06/2024 – New updates from Debian added
May 14, 2024 – New updates from SUSE added
May 15, 2024 – New updates from SUSE added
May 21, 2024 – New updates from SUSE added
05/22/2024 – New updates from Red Hat have been added
May 26, 2024 – New Oracle Linux updates added
May 28, 2024 – New updates from Red Hat have been added
May 30, 2024 – New updates from SUSE added
June 4, 2024 – New updates from Red Hat have been added

+++ Editorial word: This doc is predicated on present BSI knowledge and might be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

comply with News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here you’ll find scorching information, present movies and a direct line to the editorial crew.

kns/roj/information.de

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy