Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Linux
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Linux
ID: RHSA-2024:3462
Distribution: Red Hat
Plattformen: Red Hat Enterprise Linux BaseOS EUS (v.8.6), Red Hat Virtualization 4 Hypervisor for RHEL 8, Red Hat CodeReady Linux Builder EUS (v.8.6)
Datum: Mi, 29. Mai 2024, 23:38
Referenzen: https://access.redhat.com/errata/RHSA-2024:3462
https://bugzilla.redhat.com/show_bug.cgi?id=2267758
https://bugzilla.redhat.com/show_bug.cgi?id=2141026
https://access.redhat.com/security/cve/CVE-2021-47013
https://access.redhat.com/security/cve/CVE-2023-52578
https://bugzilla.redhat.com/show_bug.cgi?id=2266841
https://access.redhat.com/security/cve/CVE-2023-3006
Applikationen: Linux

Originalnachricht

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended
Update Support.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* RHEL: Add Spectre-BHB mitigation for AmpereOne (CVE-2023-3006)

* kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
(CVE-2021-47013)

* kernel: net: bridge: data races indata-races in br_handle_frame_finish()
(CVE-2023-52578)

Bug Fix(es):

* XFS: thaw operation hungs if caches are dropped while FS is frozen
(JIRA:RHEL-34522)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2021-47013: Use After Free (CWE-416)
CVE-2023-3006: Sensitive Information in Resource Not Removed Before Reuse
(CWE-226)
CVE-2023-52578: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung