mickmick.net

RedHat Linux 核心多個漏洞

發佈日期: 2024年08月02日

風險: 中度風險

類型: 操作系統 - LINUX

於 RedHat Linux核心發現多個漏洞。遠端攻擊者可利用這些漏洞，於目標系統觸發阻斷服務狀況、權限提升、遠端執行任意程式碼、洩露敏感資料及繞過保安限制。

 

---

影響

• 遠端執行程式碼
• 阻斷服務
• 權限提升
• 資料洩露
• 繞過保安限制

---

受影響之系統或技術

• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
• Red Hat Enterprise Linux Server - AUS 9.4 x86_64
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for Real Time 9 x86_64
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
• Red Hat Enterprise Linux for Real Time for NFV 9 x86_64
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
• Red Hat Enterprise Linux Server - AUS 8.6 x86_64
• Red Hat Enterprise Linux Server - TUS 8.6 x86_64
• Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.4 aarch64
• Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.4 s390x
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
• Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.4 x86_64
• Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.4 x86_64

---

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

 

安裝供應商提供的修補程式：

• https://access.redhat.com/errata/RHSA-2024:4902
• https://access.redhat.com/errata/RHSA-2024:4928
• https://access.redhat.com/errata/RHSA-2024:4970

---

漏洞識別碼

• CVE-2021-47459
• CVE-2021-47548
• CVE-2022-48743
• CVE-2023-6546
• CVE-2023-52458
• CVE-2023-52667
• CVE-2023-52784
• CVE-2023-52809
• CVE-2024-26733
• CVE-2024-26737
• CVE-2024-26773
• CVE-2024-26852
• CVE-2024-26880
• CVE-2024-26908
• CVE-2024-26982
• CVE-2024-27030
• CVE-2024-27046
• CVE-2024-35857
• CVE-2024-35885
• CVE-2024-35907
• CVE-2024-35960
• CVE-2024-36020
• CVE-2024-36025
• CVE-2024-36924
• CVE-2024-36929
• CVE-2024-36952
• CVE-2024-38580
• CVE-2024-38596

---

資料來源

• Redhat

---

相關連結

• https://access.redhat.com/errata/RHSA-2024:4902
• https://access.redhat.com/errata/RHSA-2024:4928
• https://access.redhat.com/errata/RHSA-2024:4970