As BSI studies, an IT safety warning a couple of identified vulnerability in Red Hat Enterprise Linux (pcs) has obtained an replace. You can learn an outline of the safety hole together with the newest updates and details about affected working programs and merchandise right here.
Federal Office for Security in Information Technology (BSI) printed an replace on May 21, 2024 for a safety vulnerability in Red Hat Enterprise Linux (pcs) identified on April 16, 2024. The safety vulnerability impacts the Linux working system and Debian Linux merchandise and Red Hat Enterprise Linux.
The newest producer suggestions for updates, workarounds and safety patches for this vulnerability could be discovered right here: Red Hat Security Advisory RHSA-2024:2953 (From 22 May 2024). Some helpful sources are listed later on this article.
Security Advisory for Red Hat Enterprise Linux (pcs) – Risk: Moderate
Risk stage: 3 (average)
CVSS Base Score: 5.3
CVSS provisional rating: 4,6
Remote management: Ja
The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop programs. The CVSS commonplace makes it potential to match potential or precise safety dangers based mostly on numerous standards with a view to prioritize countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of the vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, consumer interplay) and its outcomes. For momentary impact, body situations which will change over time are thought-about within the take a look at. According to CVSS, the danger of the vulnerability talked about right here is evaluated as “inner” with a base rating of 5.3.
Red Hat Enterprise Linux (pcs) Bug: Multiple vulnerabilities enable a denial of service
Red Hat Enterprise Linux (RHEL) is a well-liked Linux distribution.
A distant, unknown attacker might exploit a number of vulnerabilities in Red Hat Enterprise Linux (pcs) to carry out a denial of service assault.
Vulnerabilities are numbered for every product utilizing the CVE (Common Vulnerabilities and Exposures) reference system. CVE-2024-25126, CVE-2024-26141 and CVE-2024-26146.
Systems affected by the safety hole at a look
working system
Linux
Products
Debian Linux (cpe:/o:debian:debian_linux)
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
Red Hat Enterprise Linux (cpe:/o:redhat:enterprise_linux)
General steps for coping with IT vulnerabilities
- Users of the affected apps ought to keep up-to-date. When safety holes are identified, producers are required to repair them rapidly by creating a patch or workaround. If safety patches can be found, set up them instantly.
- For data, see the sources listed within the subsequent part. This usually incorporates further details about the newest model of the software program in query and the provision of safety patches or efficiency ideas.
- If you have got any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to often verify the desired sources to see if a brand new safety replace is obtainable.
Sources for updates, patches and workarounds
Here you will see some hyperlinks with details about bug studies, safety fixes and workarounds.
Red Hat Security Advisory RHSA-2024:2953 vom 2024-05-22 (21.05.2024)
For extra data, see:
Red Hat Security Advisory RHSA-2024:2581 vom 2024-04-30 (01.05.2024)
For extra data, see:
Red Hat Security Advisory RHSA-2024:2584 vom 2024-04-30 (01.05.2024)
For extra data, see:
Debian Security Advisory DLA-3800 vom 2024-04-29 (29.04.2024)
For extra data, see:
Red Hat Security Advisory RHSA-2024:2007 vom 2024-04-23 (23.04.2024)
For extra data, see:
Red Hat Security Advisory vom 2024-04-16 (16.04.2024)
For extra data, see:
Red Hat Security Advisory vom 2024-04-16 (16.04.2024)
For extra data, see:
Version historical past of this safety alert
This is model 5 of this IT safety advisory for Red Hat Enterprise Linux (pcs). This doc shall be up to date as extra updates are introduced. You can examine adjustments or additions on this model historical past.
April 16, 2024 – First model
April 23, 2024 – New updates from Red Hat have been added
04/29/2024 – New updates from Debian added
May 1, 2024 – New updates from Red Hat added
May 21, 2024 – New updates from Red Hat added
+++ Editorial notice: This doc relies on present BSI information and shall be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++
comply with News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here you will see sizzling information, present movies and a direct line to the editorial workforce.
kns/roj/information.de