mickmick.net

RedHat Linux 核心多個漏洞

發佈日期: 2024年05月02日

風險: 中度風險

類型: 操作系統 - LINUX

於 RedHat Linux核心發現多個漏洞。遠端攻擊者可利用這些漏洞，於目標系統觸發阻斷服務狀況、權限提升、遠端執行任意程式碼、洩露敏感資料及繞過保安限制。

 

---

影響

• 阻斷服務
• 遠端執行程式碼
• 資料洩露
• 權限提升
• 繞過保安限制

---

受影響之系統或技術

• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
• Red Hat Enterprise Linux for Real Time 9 x86_64
• Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 9 x86_64
• Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64
• Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux Server - TUS 8.8 x86_64
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le

---

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

 

安裝供應商提供的修補程式：

• https://access.redhat.com/errata/RHSA-2024:2628
• https://access.redhat.com/errata/RHSA-2024:2394
• https://access.redhat.com/errata/RHSA-2024:2585
• https://access.redhat.com/errata/RHSA-2024:2621

---

漏洞識別碼

• CVE-2020-26555
• CVE-2021-33631
• CVE-2021-46915
• CVE-2022-0480
• CVE-2022-3640
• CVE-2022-38096
• CVE-2022-42895
• CVE-2022-45934
• CVE-2023-3567
• CVE-2023-4133
• CVE-2023-6040
• CVE-2023-6121
• CVE-2023-6176
• CVE-2023-6531
• CVE-2023-6546
• CVE-2023-6622
• CVE-2023-6915
• CVE-2023-6931
• CVE-2023-6932
• CVE-2023-24023
• CVE-2023-25775
• CVE-2023-28464
• CVE-2023-28866
• CVE-2023-31083
• CVE-2023-37453
• CVE-2023-39189
• CVE-2023-39193
• CVE-2023-39194
• CVE-2023-39198
• CVE-2023-40283
• CVE-2023-42754
• CVE-2023-42756
• CVE-2023-45863
• CVE-2023-46862
• CVE-2023-51043
• CVE-2023-51779
• CVE-2023-51780
• CVE-2023-52434
• CVE-2023-52448
• CVE-2023-52476
• CVE-2023-52489
• CVE-2023-52522
• CVE-2023-52529
• CVE-2023-52574
• CVE-2023-52578
• CVE-2023-52580
• CVE-2023-52581
• CVE-2023-52610
• CVE-2023-52620
• CVE-2024-0565
• CVE-2024-0841
• CVE-2024-1085
• CVE-2024-1086
• CVE-2024-25742
• CVE-2024-25743
• CVE-2024-25744
• CVE-2024-26582
• CVE-2024-26583
• CVE-2024-26584
• CVE-2024-26585
• CVE-2024-26586
• CVE-2024-26593
• CVE-2024-26602
• CVE-2024-26609
• CVE-2024-26633

---

資料來源

• Redhat

---

相關連結

• https://access.redhat.com/errata/RHSA-2024:2628
• https://access.redhat.com/errata/RHSA-2024:2394
• https://access.redhat.com/errata/RHSA-2024:2585
• https://access.redhat.com/errata/RHSA-2024:2621