RedHat Linux 核心多個漏洞
最後更新
2024年05月31日
發佈日期:
2024年05月02日
640
觀看次數
風險: 中度風險
類型: 操作系統 - LINUX
於 RedHat Linux核心發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升、遠端執行任意程式碼、洩露敏感資料及繞過保安限制。
注意:
CVE-2024-1086 正在被廣泛利用。它與 netfilter: nf_tables 元件中的釋放後使用漏洞有關。本地攻擊者可利用此漏洞將一般使用者的權限提升至Root權限。風險等級仍為中度風險。
[更新於 2024-05-06]
更新受影響之系統或技術、解決方案、漏洞識別碼及相關連結。
[更新於 2024-05-14]
更新受影響之系統或技術、解決方案、漏洞識別碼及相關連結。
[更新於 2024-05-16]
更新解決方案、漏洞識別碼及相關連結。
[更新於 2024-05-29]
更新受影響之系統或技術、解決方案、漏洞識別碼及相關連結。
[更新於 2024-05-30]
更新解決方案、漏洞識別碼及相關連結。
[更新於 2024-05-31]
更新描述。
影響
- 阻斷服務
- 遠端執行程式碼
- 資料洩露
- 權限提升
- 繞過保安限制
受影響之系統或技術
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat Enterprise Linux Server - AUS 7.6 x86_64
- Red Hat Enterprise Linux Server - AUS 7.7 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 9.2 x86_64
- Red Hat Enterprise Linux Server - AUS 9.4 x86_64
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux Server - TUS 8.8 x86_64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.4 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.4 s390x
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat Enterprise Linux for Real Time 9 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 9 x86_64
- Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.0 x86_64
- Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64
- Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.4 x86_64
- Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.0 x86_64
- Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64
- Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Virtualization Host 4 for RHEL 8 x86_64
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
- https://access.redhat.com/errata/RHSA-2024:2394
- https://access.redhat.com/errata/RHSA-2024:2582
- https://access.redhat.com/errata/RHSA-2024:2585
- https://access.redhat.com/errata/RHSA-2024:2621
- https://access.redhat.com/errata/RHSA-2024:2627
- https://access.redhat.com/errata/RHSA-2024:2628
- https://access.redhat.com/errata/RHSA-2024:2674
- https://access.redhat.com/errata/RHSA-2024:2758
- https://access.redhat.com/errata/RHSA-2024:2845
- https://access.redhat.com/errata/RHSA-2024:2846
- https://access.redhat.com/errata/RHSA-2024:2950
- https://access.redhat.com/errata/RHSA-2024:3306
- https://access.redhat.com/errata/RHSA-2024:3138
- https://access.redhat.com/errata/RHSA-2024:3318
- https://access.redhat.com/errata/RHSA-2024:3319
- https://access.redhat.com/errata/RHSA-2024:3414
- https://access.redhat.com/errata/RHSA-2024:3421
- https://access.redhat.com/errata/RHSA-2024:3427
- https://access.redhat.com/errata/RHSA-2024:3460
- https://access.redhat.com/errata/RHSA-2024:3461
- https://access.redhat.com/errata/RHSA-2024:3462
漏洞識別碼
- CVE-2019-13631
- CVE-2019-15505
- CVE-2020-25656
- CVE-2020-26555
- CVE-2020-36516
- CVE-2021-3753
- CVE-2021-4204
- CVE-2021-33631
- CVE-2021-46915
- CVE-2021-47013
- CVE-2022-0480
- CVE-2022-0500
- CVE-2022-3565
- CVE-2022-3640
- CVE-2022-23222
- CVE-2022-38096
- CVE-2022-40982
- CVE-2022-42895
- CVE-2022-45934
- CVE-2023-1513
- CVE-2023-3006
- CVE-2023-3567
- CVE-2023-4133
- CVE-2023-4244
- CVE-2023-6040
- CVE-2023-6121
- CVE-2023-6176
- CVE-2023-6240
- CVE-2023-6531
- CVE-2023-6546
- CVE-2023-6622
- CVE-2023-6817
- CVE-2023-6915
- CVE-2023-6931
- CVE-2023-6932
- CVE-2023-24023
- CVE-2023-25775
- CVE-2023-28464
- CVE-2023-28866
- CVE-2023-31083
- CVE-2023-37453
- CVE-2023-38409
- CVE-2023-39189
- CVE-2023-39192
- CVE-2023-39193
- CVE-2023-39194
- CVE-2023-39198
- CVE-2023-40283
- CVE-2023-42754
- CVE-2023-42755
- CVE-2023-42756
- CVE-2023-45863
- CVE-2023-46862
- CVE-2023-51043
- CVE-2023-51779
- CVE-2023-51780
- CVE-2023-52340
- CVE-2023-52434
- CVE-2023-52448
- CVE-2023-52476
- CVE-2023-52489
- CVE-2023-52522
- CVE-2023-52529
- CVE-2023-52574
- CVE-2023-52578
- CVE-2023-52580
- CVE-2023-52581
- CVE-2023-52610
- CVE-2023-52620
- CVE-2023-52628
- CVE-2024-0565
- CVE-2024-0841
- CVE-2024-1085
- CVE-2024-1086
- CVE-2024-25742
- CVE-2024-25743
- CVE-2024-25744
- CVE-2024-26582
- CVE-2024-26583
- CVE-2024-26584
- CVE-2024-26585
- CVE-2024-26586
- CVE-2024-26593
- CVE-2024-26602
- CVE-2024-26609
- CVE-2024-26633
- CVE-2024-26642
- CVE-2024-26643
- CVE-2024-26671
- CVE-2024-26673
- CVE-2024-26735
- CVE-2024-26804
- CVE-2024-26828
- CVE-2024-26993
資料來源
相關連結
- https://access.redhat.com/errata/RHSA-2024:2394
- https://access.redhat.com/errata/RHSA-2024:2582
- https://access.redhat.com/errata/RHSA-2024:2585
- https://access.redhat.com/errata/RHSA-2024:2621
- https://access.redhat.com/errata/RHSA-2024:2627
- https://access.redhat.com/errata/RHSA-2024:2628
- https://access.redhat.com/errata/RHSA-2024:2674
- https://access.redhat.com/errata/RHSA-2024:2758
- https://access.redhat.com/errata/RHSA-2024:2845
- https://access.redhat.com/errata/RHSA-2024:2846
- https://access.redhat.com/errata/RHSA-2024:2950
- https://access.redhat.com/errata/RHSA-2024:3306
- https://access.redhat.com/errata/RHSA-2024:3138
- https://access.redhat.com/errata/RHSA-2024:3318
- https://access.redhat.com/errata/RHSA-2024:3319
- https://access.redhat.com/errata/RHSA-2024:3414
- https://access.redhat.com/errata/RHSA-2024:3421
- https://access.redhat.com/errata/RHSA-2024:3427
- https://access.redhat.com/errata/RHSA-2024:3460
- https://access.redhat.com/errata/RHSA-2024:3461
- https://access.redhat.com/errata/RHSA-2024:3462
分享至