As BSI experiences, an IT safety alert, which issues a vulnerability within the Linux kernel, has acquired an replace. You can examine which working programs and merchandise are affected by the safety hole right here at information.de.
Federal workplace for Security in Information Technology (BSI) revealed an replace on May 23, 2024 a couple of safety vulnerability within the Linux kernel identified on March 3, 2024. The safety vulnerability impacts the Linux working system and merchandise Debian Linux, Fedora Linux, Ubuntu Linux, SUSE Linux and the Open Source Linux Kernel.
The newest producer suggestions for updates, workarounds and safety patches for this vulnerability will be discovered right here: Ubuntu Security Notice USN-6777-4 (From 23 May 2024). Some helpful assets are listed later on this article.
Linux Kernel Security Advisory – Risk: medium
Risk degree: 3 (average)
CVSS Base Score: 5.3
CVSS provisional rating: 4,6
Remote assault: No
The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop programs. The CVSS normal makes it doable to match potential or precise safety dangers based mostly on varied metrics with the intention to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. For momentary impact, body situations that will change over time are thought-about within the check. According to CVSS, the chance of the vulnerability talked about right here is rated as “average” with 5.3 foundation factors.
Linux Kernel Bug: Vulnerability permits unspecified assaults
The kernel represents the core of the Linux working system.
An area attacker can exploit a vulnerability within the Linux kernel to carry out an unspecified assault.
Vulnerabilities had been categorised utilizing the CVE (Common Vulnerabilities and Exposures) reference system for every serial quantity CVE-2024-26622.
Systems affected by the safety hole at a look
working system
Linux
Products
Debian Linux (cpe:/o:debian:debian_linux)
Fedora Linux (cpe:/o:fedoraproject:fedora)
Ubuntu Linux (cpe:/o:canonical:ubuntu_linux)
SUSE Linux (cpe:/o:use:suse_linux)
Open Source Linux Kernel (cpe:/o:linux:linux_kernel)
General suggestions for coping with IT vulnerabilities
- Users of the affected apps ought to keep up-to-date. When safety holes are identified, producers are required to repair them shortly by creating a patch or workaround. When new safety updates can be found, set up them instantly.
- For info, see the sources listed within the subsequent part. This typically incorporates further details about the most recent model of the software program in query and the provision of safety patches or efficiency suggestions.
- If you will have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to recurrently verify the required sources to see if a brand new safety replace is accessible.
Sources for updates, patches and workarounds
Here you can see some hyperlinks with details about bug experiences, safety fixes and workarounds.
Ubuntu Security Notice USN-6777-4 vom 2024-05-23 (23.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1749-1 vom 2024-05-22 (22.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6777-3 vom 2024-05-22 (21.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6775-2 vom 2024-05-22 (21.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1711-1 vom 2024-05-21 (21.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1682-1 vom 2024-05-20 (20.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6777-2 vom 2024-05-20 (20.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6774-1 vom 2024-05-16 (16.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6775-1 vom 2024-05-16 (16.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6778-1 vom 2024-05-16 (16.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6777-1 vom 2024-05-16 (16.05.2024)
For extra info, see:
Ubuntu Security Notice USN-6776-1 vom 2024-05-16 (16.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1596-1 vom 2024-05-10 (12.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1582-1 vom 2024-05-10 (09.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1580-1 vom 2024-05-09 (09.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1558-1 vom 2024-05-08 (09.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1562-1 vom 2024-05-08 (09.05.2024)
For extra info, see:
Debian Security Advisory DSA-5681 vom 2024-05-06 (06.05.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1411-1 vom 2024-04-24 (23.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1410-1 vom 2024-04-23 (23.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1406-1 vom 2024-04-23 (23.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1405-1 vom 2024-04-23 (23.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1409-1 vom 2024-04-23 (23.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1388-1 vom 2024-04-23 (22.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1391-1 vom 2024-04-23 (22.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1390-1 vom 2024-04-23 (22.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1380-1 vom 2024-04-22 (22.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1386-1 vom 2024-04-22 (22.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1364-1 vom 2024-04-22 (21.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1362-1 vom 2024-04-22 (21.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1358-1 vom 2024-04-22 (21.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:1359-1 vom 2024-04-22 (21.04.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0977-1 vom 2024-03-22 (24.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0925-1 vom 2024-03-22 (24.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0926-1 vom 2024-03-22 (24.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0975-1 vom 2024-03-22 (24.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0976-1 vom 2024-03-22 (24.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0910-1 vom 2024-03-15 (17.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0900-2 vom 2024-03-15 (17.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0900-1 vom 2024-03-14 (14.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0858-1 vom 2024-03-13 (12.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0857-1 vom 2024-03-13 (12.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0856-1 vom 2024-03-13 (12.03.2024)
For extra info, see:
SUSE Security Update SUSE-SU-2024:0855-1 vom 2024-03-12 (12.03.2024)
For extra info, see:
Fedora Security Advisory FEDORA-2024-F797F1540E vom 2024-03-06 (06.03.2024)
For extra info, see:
Fedora Security Advisory FEDORA-2024-5DB5954A5E vom 2024-03-06 (06.03.2024)
For extra info, see:
Git.Kernel.org from 2024-03-03 (03.03.2024)
For extra info, see:
NIST Vulnerability Database vom 2024-03-03 (03.03.2024)
For extra info, see:
Version historical past of this safety alert
This is model 17 of this Linux Kernel IT Security Notice. This doc can be up to date as extra updates are introduced. You can examine adjustments or additions on this model historical past.
March 3, 2024 – First model
03/06/2024 – New updates from Fedora added
03/12/2024 – New updates from SUSE added
03/14/2024 – New updates from SUSE added
03/17/2024 – New updates from SUSE added
03/24/2024 – New updates from SUSE added
April 21, 2024 – New updates from SUSE added
April 22, 2024 – New updates from SUSE added
April 23, 2024 – New updates from SUSE added
05/06/2024 – New updates from Debian added
May 9, 2024 – New updates from SUSE added
May 12, 2024 – New updates from SUSE added
May 16, 2024 – Added new character updates
May 20, 2024 – Added new updates from Ubuntu and SUSE
May 21, 2024 – Added new updates from SUSE and Ubuntu
May 22, 2024 – New updates from SUSE added
May 23, 2024 – Added new updates for Ubuntu
+++ Editorial be aware: This doc relies on present BSI knowledge and can be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++
observe News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here you can see sizzling information, present movies and a direct line to the editorial staff.
kns/roj/information.de