Home » Red Hat Enterprise Linux: New safety vulnerability! Many vulnerabilities result in a denial of service

Red Hat Enterprise Linux: New safety vulnerability! Many vulnerabilities result in a denial of service

by admin
Red Hat Enterprise Linux: New safety vulnerability!  Many vulnerabilities result in a denial of service

BSI has revealed present IT safety recommendation for Red Hat Enterprise Linux. You can discover out extra concerning the affected functions and merchandise and the CVE numbers right here at information.de.

Federal workplace for Security in Information Technology (BSI) has issued a safety advisory for Red Hat Enterprise Linux on June 4, 2024. The safety vulnerability impacts the Linux working system and merchandise Oracle Linux, Red Hat Directory Server and Red Hat Enterprise Linux .

The newest producer suggestions for updates, workarounds and safety patches for this vulnerability could be discovered right here: Oracle Linux Security Advisory ELSA-2024-3591 (As of June 5, 2024). Some helpful sources are listed later on this article.

Red Hat Enterprise Linux Security Advisory – Risk: Medium

Risk stage: 3 (reasonable)
CVSS Base Score: 7.5
CVSS provisional rating: 6.5
Remote management: Ja

The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in pc techniques. The CVSS customary makes it potential to match potential or precise safety dangers based mostly on varied metrics to create a precedence checklist for countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. Temporal scores additionally have in mind modifications over time within the threat state of affairs. According to CVSS, the present vulnerability menace is assessed as “reasonable” with a base rating of seven.5.

Red Hat Enterprise Linux Bug: Multiple vulnerabilities permit a denial of service

Red Hat Enterprise Linux (RHEL) is a well-liked Linux distribution Red Hat Directory Server is an open supply LDAP server.

See also  China hosts international standards in the field of railway electrification technology for the first time

A distant attacker can exploit a number of vulnerabilities in Red Hat Enterprise Linux and Red Hat Directory Server to trigger a denial of service situation.

Vulnerabilities are categorized utilizing the CVE (Common Vulnerability and Exposure) designation system by their particular person serial numbers CVE-2024-2199 and CVE-2024-3657.

Systems affected by the safety hole at a look

working system
Linux

Products
Oracle Linux (cpe:/o:oracle:linux)
Red Hat Directory Server 12 (cpe:/a:redhat:directory_server)
Red Hat Directory Server 11 (cpe:/a:redhat:directory_server)
Red Hat Enterprise Linux 7 (cpe:/a:redhat:directory_server)
Red Hat Enterprise Linux 8 (cpe:/o:redhat:enterprise_linux)
Red Hat Enterprise Linux 9 (cpe:/o:redhat:enterprise_linux)

General suggestions for coping with IT vulnerabilities

  1. Users of affected techniques ought to keep up-to-date. When safety holes are identified, producers are required to repair them rapidly by creating a patch or workaround. If safety patches can be found, set up them instantly.
  2. For data, see the sources listed within the subsequent part. This usually comprises extra details about the most recent model of the software program in query and the supply of safety patches or efficiency ideas.
  3. If you will have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to recurrently examine the required sources to see if a brand new safety replace is offered.

Sources for updates, patches and workarounds

Here you will see some hyperlinks with details about bug studies, safety fixes and workarounds.

Oracle Linux Security Advisory ELSA-2024-3591 vom 2024-06-05 (04.06.2024)
For extra data, see:

Oracle Linux Security Advisory ELSA-2024-3591 vom 2024-06-05 (04.06.2024)
For extra data, see:

Red Hat Security Advisory vom 2024-06-04 (04.06.2024)
For extra data, see:

See also  Sonic Superstars Receives Age Rating, Hinting at On-Time Release

Version historical past of this safety alert

This is the primary model of this IT Security Notice for Red Hat Enterprise Linux. This doc will probably be up to date as updates are introduced. You can see the modifications made utilizing the model historical past under.

June 4, 2024 – First model

+++ Editorial be aware: This doc is predicated on present BSI information and will probably be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

comply with News.de you’re right here Facebook, Twitter, Pinterest once more YouTube? Here you will see sizzling information, present movies and a direct line to the editorial crew.

kns/roj/information.de

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy