Home » Linux Kernel: Multiple vulnerabilities permit denial of service and unspecified assaults

Linux Kernel: Multiple vulnerabilities permit denial of service and unspecified assaults

by admin
Linux Kernel: Multiple vulnerabilities permit denial of service and unspecified assaults

A safety warning issued for the Linux kernel has acquired an replace from the BSI. You can learn an outline of the safety hole together with the most recent updates and details about affected working methods and merchandise right here.

Federal workplace for Security in Information Technology (BSI) issued an replace on May 16, 2024 to a safety vulnerability within the Linux kernel recognized on March 17, 2024. The safety vulnerability impacts the Linux working system and merchandise Debian Linux, Red Hat Enterprise Linux, Ubuntu Linux, SUSE Linux and Open Source Linux Kernel.

The newest producer suggestions for updates, workarounds and safety patches for this vulnerability could be discovered right here: Ubuntu Security Notice USN-6777-1 (From 16 May 2024). Some helpful sources are listed later on this article.

Linux Kernel Security Advisory – Risk: medium

Risk degree: 3 (reasonable)
CVSS Base Score: 5.5
CVSS provisional rating: 4.8
Remote assault: No

The Common Vulnerability Scoring System (CVSS) is used to evaluate the vulnerability of laptop methods. The CVSS normal makes it doable to check potential or precise safety dangers primarily based on varied standards to create a precedence checklist for countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. Temporal scores additionally have in mind modifications over time within the danger scenario. The severity of the vulnerability talked about right here is assessed as “reasonable” based on the CVSS with a base rating of 5.5.

Linux Kernel Bug: Multiple vulnerabilities permit denial of service and unspecified assaults

The kernel represents the core of the Linux working system.

A neighborhood attacker can exploit many vulnerabilities within the Linux kernel to trigger a denial of service or carry out an unspecified assault.

See also  Document scanner fi-8040, for desktop applications

Vulnerabilities are numbered for every product utilizing the CVE (Common Vulnerabilities and Exposures) reference system. CVE-2023-52609, CVE-2023-52610, CVE-2023-52611, CVE-2023-52612, CVE-2023-52613, CVE-2023-52614, CVE-2023-552-6202, CVE-6215 2023-52617 , CVE-2023-52618, CVE-2023-52619, CVE-2024-26631, CVE-2024-26632, CVE-2024-26633, CVE-2024-2662-304, CVE-262-304, CVE-26632-204 26636, CVE-2024-26637, CVE-2024-26638, CVE-2024-26639, CVE-2024-26640 and CVE-2024-26641.

Systems affected by the safety hole at a look

working system
Linux

Products
Debian Linux (cpe:/o:debian:debian_linux)
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
Ubuntu Linux (cpe:/o:canonical:ubuntu_linux)
SUSE Linux (cpe:/o:use:suse_linux)
Open Source Linux Kernel (cpe:/o:linux:linux_kernel)

Common steps to handle IT safety gaps

  1. Users of affected methods ought to keep up-to-date. When safety holes are recognized, producers are required to repair them shortly by creating a patch or workaround. If safety patches can be found, set up them instantly.
  2. For data, see the sources listed within the subsequent part. This usually incorporates further details about the most recent model of the software program in query and the provision of safety patches or efficiency ideas.
  3. If you could have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to often examine if IT safety alert Affected producers present a brand new safety replace.

Manufacturer details about updates, patches and workarounds

Here you can find some hyperlinks with details about bug studies, safety fixes and workarounds.

Ubuntu Security Notice USN-6777-1 vom 2024-05-16 (16.05.2024)
For extra data, see:

Ubuntu Security Notice USN-6774-1 vom 2024-05-16 (16.05.2024)
For extra data, see:

Ubuntu Security Notice USN-6778-1 vom 2024-05-16 (16.05.2024)
For extra data, see:

Ubuntu Security Notice USN-6766-2 vom 2024-05-15 (15.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1659-1 vom 2024-05-15 (15.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1647-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1641-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

See also  Google makes fun of the iPhone - and hits the mark

SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1644-1 vom 2024-05-14 (14.05.2024)
For extra data, see:

Ubuntu Security Notice USN-6767-2 vom 2024-05-14 (13.05.2024)
For extra data, see:

Ubuntu Security Notice USN-6767-1 vom 2024-05-07 (07.05.2024)
For extra data, see:

Ubuntu Security Notice USN-6766-1 vom 2024-05-07 (07.05.2024)
For extra data, see:

Ubuntu Security Notice USN-6765-1 vom 2024-05-07 (07.05.2024)
For extra data, see:

Debian Security Advisory DSA-5681 vom 2024-05-06 (06.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1490-1 vom 2024-05-03 (02.05.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1480-1 vom 2024-04-30 (01.05.2024)
For extra data, see:

Red Hat Security Advisory RHSA-2024:2394 vom 2024-04-30 (29.04.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1466-1 vom 2024-04-29 (29.04.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1322-2 vom 2024-04-18 (18.04.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1332-2 vom 2024-04-18 (18.04.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1332-1 vom 2024-04-18 (18.04.2024)
For extra data, see:

Ubuntu Security Notice USN-6726-3 vom 2024-04-17 (17.04.2024)
For extra data, see:

SUSE Security Update SUSE-SU-2024:1322-1 vom 2024-04-17 (16.04.2024)
For extra data, see:

Ubuntu Security Notice USN-6726-2 vom 2024-04-16 (16.04.2024)
For extra data, see:

Ubuntu Security Notice USN-6725-2 vom 2024-04-16 (16.04.2024)
For extra data, see:

Ubuntu Security Notice USN-6726-1 vom 2024-04-09 (09.04.2024)
For extra data, see:

Ubuntu Security Notice USN-6725-1 vom 2024-04-09 (09.04.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

See also  Twin arrives, the new robotic exoskeleton for the legs - Medicine

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

CVE announcement on lore.kernel.org dated 2024-03-17 (17.03.2024)
For extra data, see:

Version historical past of this safety alert

This is model 15 of this Linux Kernel IT Security Notice. If additional updates are introduced, this doc can be up to date. You can examine modifications or additions on this model historical past.

March 17, 2024 – First model
03/18/2024 – duplicate entry eliminated
04/09/2024 – Added new persona updates
April 16, 2024 – Added new persona updates
April 17, 2024 – Added new persona updates
April 18, 2024 – New updates from SUSE added
April 29, 2024 – New updates from SUSE added
May 1, 2024 – New updates from SUSE added
May 2, 2024 – New updates from SUSE added
05/06/2024 – New updates from Debian added
May 7, 2024 – Added new persona updates
May 13, 2024 – Added new persona updates
May 14, 2024 – New updates from SUSE added
May 15, 2024 – Added new updates from SUSE and Ubuntu
May 16, 2024 – Added new persona updates

+++ Editorial notice: This doc relies on present BSI knowledge and can be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

observe News.de you’re right here Facebook, Twitter, Pinterest once more YouTube? Here you can find sizzling information, present movies and a direct line to the editorial workforce.

kns/roj/information.de

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy