Home » Linux Kernel: Multiple vulnerabilities enable unspecified assaults

Linux Kernel: Multiple vulnerabilities enable unspecified assaults

by admin
Linux Kernel: Multiple vulnerabilities enable unspecified assaults

An IT safety alert replace for a recognized vulnerability has been issued for the Linux kernel. You can learn an outline of the safety hole together with the newest updates and details about affected working methods and merchandise right here.

Federal workplace for Security in Information Technology (BSI) revealed an replace on June 4, 2024 to a Linux kernel safety vulnerability recognized on February 27, 2024. The safety vulnerability impacts the Linux working system and merchandise Red Hat Enterprise Linux, SUSE Linux, EMC Avamar, Open Source Linux Kernel and Dell NetWorker.

The newest producer suggestions concerning updates, workarounds and safety patches for this vulnerability may be discovered right here: Red Hat Security Advisory RHSA-2024:3618 (As of June 5, 2024). Some helpful hyperlinks are listed later on this article.

Linux Kernel Security Advisory – Risk: medium

Risk degree: 3 (reasonable)
CVSS Base Score: 5.3
CVSS provisional rating: 4,6
Remote assault: No

The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop methods. The CVSS commonplace makes it attainable to check potential or precise safety dangers primarily based on varied standards as a way to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, person interplay) and its outcomes. For short-term impact, body circumstances that will change over time are thought-about within the check. The magnitude of the vulnerability talked about right here is rated as “reasonable” in keeping with CVSS with a base rating of 5.3.

Linux Kernel Bug: Multiple vulnerabilities enable unspecified assaults

The kernel represents the core of the Linux working system.

An area attacker can exploit a number of vulnerabilities within the Linux kernel to carry out unspecified assaults.

Vulnerabilities are recognized by distinctive CVE (Common Vulnerabilities and Exposures) numbers. CVE-2021-47009, CVE-2021-47012, CVE-2021-47013, CVE-2021-47014, CVE-2021-47015, CVE-2021-47017, CVE-2021-4702018, CVE-4702018 2021-47037, CVE -2021-47038, CVE-2021-47039, CVE-2021-47040, CVE-2021-47041, CVE-2021-47042, CVE-2021-4707-204, CVE-470404, CVE-2021-47204-204 47045, CVE-2021-47046, CVE-2021-47047, CVE-2021-47048, CVE-2021-47049, CVE-2021-47050, CVE-2021-47051, CVE-47052 u2052 u2052-2052 on the market.

See also  The new Apple TV upgrade processor does not support 8K streaming, which will be launched next year

Systems affected by the safety hole at a look

working system
Linux

Products
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
SUSE Linux (cpe:/o:use:suse_linux)
EMC Avamar (cpe:/a:emc:avamar)
Open Source Linux Kernel Dell NetWorker digital (cpe:/a:dell:networker)

General steps for coping with IT vulnerabilities

  1. Users of affected methods ought to keep up-to-date. When safety holes are recognized, producers are required to repair them rapidly by growing a patch or workaround. If safety patches can be found, set up them instantly.
  2. For data, see the sources listed within the subsequent part. This usually accommodates extra details about the newest model of the software program in query and the supply of safety patches or efficiency ideas.
  3. If you have got any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to usually test the desired sources to see if a brand new safety replace is accessible.

Sources for updates, patches and workarounds

Here you will discover some hyperlinks with details about bug experiences, safety fixes and workarounds.

Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05 (04.06.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30 (30.05.2024)
For extra data, see:

Red Hat Security Advisory RHSA-2024:3462 vom 2024-05-29 (28.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21 (21.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15 (15.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1650-1 vom 2024-05-15 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1642-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

See also  The end of cash, finally

SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1645-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

Dell Security Advisory DSA-2024-198 vom 2024-05-08 (07.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26 (28.04.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:0925-1 vom 2024-03-22 (24.03.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:0975-1 vom 2024-03-22 (24.03.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:0976-1 vom 2024-03-22 (24.03.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:0926-1 vom 2024-03-22 (24.03.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:0856-1 vom 2024-03-13 (12.03.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:0857-1 vom 2024-03-13 (12.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

See also  New Oppo Find N2 (Flip) is official

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-02-27 (27.02.2024)
For extra data, see:

Version historical past of this safety alert

This is model 11 of this Linux Kernel IT Security Notice. If additional updates are introduced, this doc will probably be up to date. You can examine modifications or additions on this model historical past.

02/27/2024 – First model
03/12/2024 – New updates from SUSE added
03/24/2024 – New updates from SUSE added
April 28, 2024 – New updates from SUSE added
May 7, 2024 – New updates from Dell added
May 14, 2024 – New updates from SUSE added
May 15, 2024 – New updates from SUSE added
May 21, 2024 – New updates from SUSE added
May 28, 2024 – New updates from Red Hat have been added
May 30, 2024 – New updates from SUSE added
June 4, 2024 – New updates from Red Hat have been added

+++ Editorial notice: This doc relies on present BSI information and will probably be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

comply with News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here you will discover scorching information, present movies and a direct line to the editorial workforce.

kns/roj/information.de

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy