mickmick.net

RedHat Linux Kernel Multiple Vulnerabilities

Release Date: 18 Mar 2024

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and data manipulation on the targeted system

---

Impact

• Denial of Service
• Remote Code Execution
• Information Disclosure
• Data Manipulation
• Elevation of Privilege

---

System / Technologies affected

• Red Hat Enterprise Linux for Power, little endian 7 ppc64le
• Red Hat Enterprise Linux for Real Time 7 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
• Red Hat Enterprise Linux Server 7 x86_64

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://access.redhat.com/errata/RHSA-2024:1332
• https://access.redhat.com/errata/RHSA-2024:1323

---

Vulnerability Identifier

• CVE-2022-42896
• CVE-2023-4921
• CVE-2023-31436
• CVE-2023-38409
• CVE-2023-45871
• CVE-2024-1086
• CVE-2024-26602

---

Source

• AusCERT
• Redhat

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2024.1622/
• https://www.auscert.org.au/bulletins/ESB-2024.1606/
• https://access.redhat.com/errata/RHSA-2024:1332
• https://access.redhat.com/errata/RHSA-2024:1323