SK-CERT Bezpečnostné varovanie V20240710-04

Dôležitosť Kritická
Klasifikácia Neutajované/TLP:CLEAR
CVSS Skóre
9.8
Identifikátor
Linux Ubuntu – tri kritické bezpečnostné zraniteľnosti
Popis
Vývojári Linux distribúcie Ubuntu vydali bezpečnostnú aktualizáciu svojho produktu, ktorá opravuje viacero bezpečnostných zraniteľností, z ktorých sú tri označené ako kritické.
Najzávažnejšia kritická bezpečnostná zraniteľnosť s identifikátorom CVE-2023-3824 sa nachádza v balíku php, spočíva v nedostatočnej implementácii bezpečnostných mechanizmov a umožňuje vzdialenému, neautentifikovanému útočníkovi prostredníctvom pretečenia zásobníka vykonať škodlivý kód s následkom úplného narušenia dôvernosti, integrity a dostupnosti systému.
Zneužitím ostatných bezpečnostných zraniteľností možno vykonať škodlivý kód s následkom úplného narušenia dôvernosti, integrity a dostupnosti systému.
Na uvedenú zraniteľnosť je v súčasnosti voľne dostupný Proof-of-Concept kód.
Dátum prvého zverejnenia varovania
9.7.2024
CVE
CVE-2024-5261, CVE-2024-39884, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2024-36387, CVE-2024-35901, CVE-2024-35874, CVE-2024-35845, CVE-2024-35844, CVE-2024-35843, CVE-2024-35831, CVE-2024-35830, CVE-2024-35829, CVE-2024-35828, CVE-2024-35827, CVE-2024-35826, CVE-2024-35822, CVE-2024-35821, CVE-2024-35819, CVE-2024-35817, CVE-2024-35814, CVE-2024-35813, CVE-2024-35811, CVE-2024-35810, CVE-2024-35809, CVE-2024-35808, CVE-2024-35807, CVE-2024-35806, CVE-2024-35805, CVE-2024-35803, CVE-2024-35801, CVE-2024-35800, CVE-2024-35799, CVE-2024-35798, CVE-2024-35797, CVE-2024-35796, CVE-2024-35795, CVE-2024-35794, CVE-2024-35793, CVE-2024-35789, CVE-2024-35787, CVE-2024-32498, CVE-2024-27437, CVE-2024-27436, CVE-2024-27435, CVE-2024-27434, CVE-2024-27433, CVE-2024-27432, CVE-2024-27431, CVE-2024-27419, CVE-2024-27417, CVE-2024-27416, CVE-2024-27415, CVE-2024-27414, CVE-2024-27413, CVE-2024-27412, CVE-2024-27410, CVE-2024-27405, CVE-2024-27403, CVE-2024-27392, CVE-2024-27391, CVE-2024-27390, CVE-2024-27389, CVE-2024-27388, CVE-2024-27080, CVE-2024-27079, CVE-2024-27078, CVE-2024-27077, CVE-2024-27076, CVE-2024-27075, CVE-2024-27074, CVE-2024-27073, CVE-2024-27072, CVE-2024-27071, CVE-2024-27070, CVE-2024-27069, CVE-2024-27068, CVE-2024-27067, CVE-2024-27066, CVE-2024-27065, CVE-2024-27064, CVE-2024-27063, CVE-2024-27058, CVE-2024-27054, CVE-2024-27053, CVE-2024-27052, CVE-2024-27051, CVE-2024-27050, CVE-2024-27049, CVE-2024-27048, CVE-2024-27047, CVE-2024-27046, CVE-2024-27045, CVE-2024-27044, CVE-2024-27043, CVE-2024-27042, CVE-2024-27041, CVE-2024-27040, CVE-2024-27039, CVE-2024-27038, CVE-2024-27037, CVE-2024-27036, CVE-2024-27035, CVE-2024-27034, CVE-2024-27033, CVE-2024-27032, CVE-2024-27031, CVE-2024-27030, CVE-2024-27029, CVE-2024-27028, CVE-2024-27027, CVE-2024-27026, CVE-2024-27024, CVE-2024-26978, CVE-2024-26977, CVE-2024-26976, CVE-2024-26975, CVE-2024-26973, CVE-2024-26972, CVE-2024-26971, CVE-2024-26970, CVE-2024-26969, CVE-2024-26968, CVE-2024-26967, CVE-2024-26966, CVE-2024-26965, CVE-2024-26964, CVE-2024-26963, CVE-2024-26962, CVE-2024-26961, CVE-2024-26960, CVE-2024-26959, CVE-2024-26958, CVE-2024-26957, CVE-2024-26956, CVE-2024-26955, CVE-2024-26954, CVE-2024-26953, CVE-2024-26952, CVE-2024-26951, CVE-2024-26950, CVE-2024-26949, CVE-2024-26948, CVE-2024-26947, CVE-2024-26946, CVE-2024-26945, CVE-2024-26944, CVE-2024-26943, CVE-2024-26942, CVE-2024-26941, CVE-2024-26940, CVE-2024-26939, CVE-2024-26938, CVE-2024-26937, CVE-2024-26935, CVE-2024-26934, CVE-2024-26933, CVE-2024-26932, CVE-2024-26931, CVE-2024-26930, CVE-2024-26929, CVE-2024-26927, CVE-2024-26925, CVE-2024-26924, CVE-2024-26922, CVE-2024-26915, CVE-2024-26907, CVE-2024-26906, CVE-2024-26903, CVE-2024-26901, CVE-2024-26900, CVE-2024-26899, CVE-2024-26898, CVE-2024-26897, CVE-2024-26896, CVE-2024-26895, CVE-2024-26894, CVE-2024-26893, CVE-2024-26892, CVE-2024-26891, CVE-2024-26890, CVE-2024-26889, CVE-2024-26888, CVE-2024-26887, CVE-2024-26886, CVE-2024-26885, CVE-2024-26884, CVE-2024-26883, CVE-2024-26882, CVE-2024-26881, CVE-2024-26880, CVE-2024-26879, CVE-2024-26878, CVE-2024-26877, CVE-2024-26876, CVE-2024-26875, CVE-2024-26874, CVE-2024-26873, CVE-2024-26872, CVE-2024-26871, CVE-2024-26870, CVE-2024-26869, CVE-2024-26868, CVE-2024-26866, CVE-2024-26865, CVE-2024-26864, CVE-2024-26863, CVE-2024-26862, CVE-2024-26861, CVE-2024-26860, CVE-2024-26859, CVE-2024-26857, CVE-2024-26856, CVE-2024-26855, CVE-2024-26852, CVE-2024-26851, CVE-2024-26848, CVE-2024-26846, CVE-2024-26845, CVE-2024-26843, CVE-2024-26840, CVE-2024-26839, CVE-2024-26838, CVE-2024-26835, CVE-2024-26833, CVE-2024-26820, CVE-2024-26816, CVE-2024-26815, CVE-2024-26814, CVE-2024-26813, CVE-2024-26812, CVE-2024-26810, CVE-2024-26809, CVE-2024-26805, CVE-2024-26804, CVE-2024-26803, CVE-2024-26802, CVE-2024-26801, CVE-2024-26798, CVE-2024-26795, CVE-2024-26793, CVE-2024-26792, CVE-2024-26791, CVE-2024-26790, CVE-2024-26788, CVE-2024-26787, CVE-2024-26782, CVE-2024-26779, CVE-2024-26778, CVE-2024-26777, CVE-2024-26776, CVE-2024-26774, CVE-2024-26773, CVE-2024-26772, CVE-2024-26771, CVE-2024-26769, CVE-2024-26766, CVE-2024-26764, CVE-2024-26763, CVE-2024-26754, CVE-2024-26752, CVE-2024-26751, CVE-2024-26750, CVE-2024-26749, CVE-2024-26748, CVE-2024-26747, CVE-2024-26744, CVE-2024-26743, CVE-2024-26737, CVE-2024-26736, CVE-2024-26735, CVE-2024-26733, CVE-2024-26720, CVE-2024-26688, CVE-2024-26659, CVE-2024-26657, CVE-2024-26656, CVE-2024-26655, CVE-2024-26654, CVE-2024-26653, CVE-2024-26651, CVE-2024-26643, CVE-2024-26642, CVE-2024-26603, CVE-2024-26601, CVE-2024-26585, CVE-2024-26584, CVE-2024-26583, CVE-2024-25739, CVE-2024-24861, CVE-2024-23307, CVE-2024-22099, CVE-2024-2201, CVE-2024-21823, CVE-2024-0841, CVE-2023-7042, CVE-2023-6270, CVE-2023-52663, CVE-2023-52662, CVE-2023-52661, CVE-2023-52659, CVE-2023-52656, CVE-2023-52653, CVE-2023-52652, CVE-2023-52650, CVE-2023-52649, CVE-2023-52648, CVE-2023-52647, CVE-2023-52645, CVE-2023-52644, CVE-2023-52641, CVE-2023-52640, CVE-2023-52620, CVE-2023-52615, CVE-2023-52497, CVE-2023-52447, CVE-2023-52434, CVE-2023-48951, CVE-2023-48950, CVE-2023-48947, CVE-2023-48946, CVE-2023-48945, CVE-2023-47233, CVE-2023-3824, CVE-2023-3823, CVE-2023-31631, CVE-2023-31630, CVE-2023-31629, CVE-2023-31627, CVE-2023-31626, CVE-2023-31624, CVE-2023-31622, CVE-2023-31620, CVE-2022-48669, CVE-2022-42252, CVE-2022-38096, CVE-2022-26562, CVE-2021-47063, CVE-2021-33631, CVE-2019-19907
IOC
Zasiahnuté systémy
Ubuntu 24.04
linux-image-6.8.0-1007-oem – 6.8.0-1007.7
linux-image-6.8.0-1010-aws – 6.8.0-1010.10
linux-image-aws – 6.8.0-1010.10
linux-image-oem-24.04 – 6.8.0-1007.7
linux-image-oem-24.04a – 6.8.0-1007.7
virtuoso-opensource – 7.2.5.1+dfsg1-0.8ubuntu0.1~esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-7 – 7.2.5.1+dfsg1-0.8ubuntu0.1~esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-7-bin – 7.2.5.1+dfsg1-0.8ubuntu0.1~esm2 (dostupné pre Ubuntu Pro)
python3-cinder – 2:24.0.0-0ubuntu1.2
glance-common – 2:28.0.1-0ubuntu1.2
nova-common – 3:29.0.1-0ubuntu1.3
python3-nova – 3:29.0.1-0ubuntu1.3
apache2 – 2.4.58-1ubuntu8.2
linux-image-6.8.0-1006-raspi – 6.8.0-1006.6
linux-image-6.8.0-1007-ibm – 6.8.0-1007.7
linux-image-6.8.0-1008-nvidia – 6.8.0-1008.8
linux-image-6.8.0-1008-nvidia-64k – 6.8.0-1008.8
linux-image-6.8.0-36-generic – 6.8.0-36.36
linux-image-6.8.0-36-generic-64k – 6.8.0-36.36
linux-image-6.8.0-36-lowlatency – 6.8.0-36.36.1
linux-image-6.8.0-36-lowlatency-64k – 6.8.0-36.36.1
linux-image-generic – 6.8.0-36.36
linux-image-generic-64k – 6.8.0-36.36
linux-image-generic-64k-hwe-24.04 – 6.8.0-36.36
linux-image-generic-hwe-24.04 – 6.8.0-36.36
linux-image-generic-lpae – 6.8.0-36.36
linux-image-ibm – 6.8.0-1007.7
linux-image-ibm-classic – 6.8.0-1007.7
linux-image-ibm-lts-24.04 – 6.8.0-1007.7
linux-image-kvm – 6.8.0-36.36
linux-image-lowlatency – 6.8.0-36.36.1
linux-image-lowlatency-64k – 6.8.0-36.36.1
linux-image-nvidia – 6.8.0-1008.8
linux-image-nvidia-64k – 6.8.0-1008.8
linux-image-raspi – 6.8.0-1006.6
linux-image-virtual – 6.8.0-36.36
linux-image-virtual-hwe-24.04 – 6.8.0-36.36
linux-image-6.8.0-1006-intel – 6.8.0-1006.13
linux-image-6.8.0-1009-gcp – 6.8.0-1009.10
linux-image-gcp – 6.8.0-1009.10
linux-image-intel – 6.8.0-1006.13
linux-image-6.8.0-1009-azure – 6.8.0-1009.9
linux-image-6.8.0-1009-azure-fde – 6.8.0-1009.9
linux-image-azure – 6.8.0-1009.9
linux-image-azure-fde – 6.8.0-1009.9
libreoffice – 4:24.2.4-0ubuntu0.24.04.2
linux-image-6.8.0-1006-oracle – 6.8.0-1006.6
linux-image-6.8.0-1006-oracle-64k – 6.8.0-1006.6
linux-image-oracle – 6.8.0-1006.6
linux-image-oracle-64k – 6.8.0-1006.6

Ubuntu 23.10
python3-cinder – 2:23.0.0-0ubuntu1.4
glance-common – 2:27.0.0-0ubuntu1.2
nova-common – 3:28.0.1-0ubuntu1.3
python3-nova – 3:28.0.1-0ubuntu1.3
apache2 – 2.4.57-2ubuntu2.5
linux-image-6.5.0-1018-laptop – 6.5.0-1018.21
linux-image-6.5.0-1019-raspi – 6.5.0-1019.22
linux-image-6.5.0-1023-gcp – 6.5.0-1023.25
linux-image-6.5.0-42-generic – 6.5.0-42.42
linux-image-6.5.0-42-generic-64k – 6.5.0-42.42
linux-image-gcp – 6.5.0.1023.25
linux-image-generic – 6.5.0.42.42
linux-image-generic-64k – 6.5.0.42.42
linux-image-generic-lpae – 6.5.0.42.42
linux-image-kvm – 6.5.0.42.42
linux-image-laptop-23.10 – 6.5.0.1018.21
linux-image-raspi – 6.5.0.1019.20
linux-image-raspi-nolpae – 6.5.0.1019.20
linux-image-virtual – 6.5.0.42.42
linux-image-6.5.0-1016-starfive – 6.5.0-1016.17
linux-image-6.5.0-1022-aws – 6.5.0-1022.22
linux-image-6.5.0-1025-oracle – 6.5.0-1025.25
linux-image-6.5.0-1025-oracle-64k – 6.5.0-1025.25
linux-image-aws – 6.5.0.1022.22
linux-image-oracle – 6.5.0.1025.27
linux-image-oracle-64k – 6.5.0.1025.27
linux-image-starfive – 6.5.0.1016.18
linux-image-6.5.0-1023-azure – 6.5.0-1023.24
linux-image-6.5.0-1023-azure-fde – 6.5.0-1023.24
linux-image-azure – 6.5.0.1023.27
linux-image-azure-fde – 6.5.0.1023.27
libreoffice – 4:7.6.7-0ubuntu0.23.10.3

Ubuntu 22.04
linux-image-6.5.0-1016-starfive – 6.5.0-1016.17~22.04.1
linux-image-starfive – 6.5.0.1016.17~22.04.1
virtuoso-opensource – 7.2.5.1+dfsg1-0.2ubuntu0.1~esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-7 – 7.2.5.1+dfsg1-0.2ubuntu0.1~esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-7-bin – 7.2.5.1+dfsg1-0.2ubuntu0.1~esm2 (dostupné pre Ubuntu Pro)
python3-cinder – 2:20.3.1-0ubuntu1.4
glance-common – 2:24.2.1-0ubuntu1.2
nova-common – 3:25.2.1-0ubuntu2.3
python3-nova – 3:25.2.1-0ubuntu2.3
apache2 – 2.4.52-1ubuntu4.10
libtomcat9-java – 9.0.58-1ubuntu0.1+esm1 (dostupné pre Ubuntu Pro)
tomcat9 – 9.0.58-1ubuntu0.1+esm1 (dostupné pre Ubuntu Pro)
linux-image-6.5.0-1022-nvidia – 6.5.0-1022.23
linux-image-6.5.0-1022-nvidia-64k – 6.5.0-1022.23
linux-image-6.5.0-1023-gcp – 6.5.0-1023.25~22.04.1
linux-image-gcp – 6.5.0.1023.25~22.04.1
linux-image-nvidia-6.5 – 6.5.0.1022.30
linux-image-nvidia-64k-6.5 – 6.5.0.1022.30
linux-image-nvidia-64k-hwe-22.04 – 6.5.0.1022.30
linux-image-nvidia-hwe-22.04 – 6.5.0.1022.30
linux-image-6.5.0-1022-aws – 6.5.0-1022.22~22.04.1
linux-image-6.5.0-1025-oem – 6.5.0-1025.26
linux-image-6.5.0-1025-oracle – 6.5.0-1025.25~22.04.1
linux-image-6.5.0-1025-oracle-64k – 6.5.0-1025.25~22.04.1
linux-image-aws – 6.5.0.1022.22~22.04.1
linux-image-oem-22.04 – 6.5.0.1025.27
linux-image-oem-22.04a – 6.5.0.1025.27
linux-image-oem-22.04b – 6.5.0.1025.27
linux-image-oem-22.04c – 6.5.0.1025.27
linux-image-oem-22.04d – 6.5.0.1025.27
linux-image-oracle – 6.5.0.1025.25~22.04.1
linux-image-oracle-64k – 6.5.0.1025.25~22.04.1
linux-image-6.5.0-1023-azure – 6.5.0-1023.24~22.04.1
linux-image-6.5.0-1023-azure-fde – 6.5.0-1023.24~22.04.1
linux-image-azure – 6.5.0.1023.24~22.04.1
linux-image-azure-fde – 6.5.0.1023.24~22.04.1
kopano-archiver – 8.7.0-7.1ubuntu10.1
kopano-contacts – 8.7.0-7.1ubuntu10.1
kopano-dagent – 8.7.0-7.1ubuntu10.1
kopano-gateway – 8.7.0-7.1ubuntu10.1
kopano-ical – 8.7.0-7.1ubuntu10.1
kopano-libs – 8.7.0-7.1ubuntu10.1
kopano-monitor – 8.7.0-7.1ubuntu10.1
kopano-server – 8.7.0-7.1ubuntu10.1
kopano-spooler – 8.7.0-7.1ubuntu10.1
kopano-utils – 8.7.0-7.1ubuntu10.1
php-mapi – 8.7.0-7.1ubuntu10.1
python3-mapi – 8.7.0-7.1ubuntu10.1
linux-image-5.15.0-1047-gkeop – 5.15.0-1047.54
linux-image-5.15.0-1057-ibm – 5.15.0-1057.60
linux-image-5.15.0-1059-intel-iotg – 5.15.0-1059.65
linux-image-5.15.0-1061-gke – 5.15.0-1061.67
linux-image-5.15.0-1061-kvm – 5.15.0-1061.66
linux-image-5.15.0-1062-oracle – 5.15.0-1062.68
linux-image-5.15.0-1064-aws – 5.15.0-1064.70
linux-image-5.15.0-1067-azure – 5.15.0-1067.76
linux-image-5.15.0-1067-azure-fde – 5.15.0-1067.76.1
linux-image-aws-lts-22.04 – 5.15.0.1064.64
linux-image-azure-fde-lts-22.04 – 5.15.0.1067.76.44
linux-image-azure-lts-22.04 – 5.15.0.1067.65
linux-image-gke – 5.15.0.1061.60
linux-image-gke-5.15 – 5.15.0.1061.60
linux-image-gkeop – 5.15.0.1047.46
linux-image-gkeop-5.15 – 5.15.0.1047.46
linux-image-ibm – 5.15.0.1057.53
linux-image-intel-iotg – 5.15.0.1059.59
linux-image-kvm – 5.15.0.1061.57
linux-image-oracle-lts-22.04 – 5.15.0.1062.58
linux-image-5.15.0-1031-xilinx-zynqmp – 5.15.0-1031.35
linux-image-5.15.0-1059-nvidia – 5.15.0-1059.60
linux-image-5.15.0-1059-nvidia-lowlatency – 5.15.0-1059.60
linux-image-5.15.0-1063-gcp – 5.15.0-1063.71
linux-image-5.15.0-113-generic – 5.15.0-113.123
linux-image-5.15.0-113-generic-64k – 5.15.0-113.123
linux-image-5.15.0-113-generic-lpae – 5.15.0-113.123
linux-image-5.15.0-113-lowlatency – 5.15.0-113.123
linux-image-5.15.0-113-lowlatency-64k – 5.15.0-113.123
linux-image-gcp-lts-22.04 – 5.15.0.1063.59
linux-image-generic – 5.15.0.113.113
linux-image-generic-64k – 5.15.0.113.113
linux-image-generic-lpae – 5.15.0.113.113
linux-image-lowlatency – 5.15.0.113.104
linux-image-lowlatency-64k – 5.15.0.113.104
linux-image-nvidia – 5.15.0.1059.59
linux-image-nvidia-lowlatency – 5.15.0.1059.59
linux-image-virtual – 5.15.0.113.113
linux-image-xilinx-zynqmp – 5.15.0.1031.35

Ubuntu 20.04
linux-image-5.15.0-1064-aws – 5.15.0-1064.70~20.04.1
linux-image-aws – 5.15.0.1064.70~20.04.1
virtuoso-opensource – 6.1.6+repack-0ubuntu10+esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-6.1 – 6.1.6+repack-0ubuntu10+esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-6.1-bin – 6.1.6+repack-0ubuntu10+esm2 (dostupné pre Ubuntu Pro)
python3-cinder – 2:16.4.2-0ubuntu2.8
glance-common – 2:20.2.0-0ubuntu1.2
nova-common – 2:21.2.4-0ubuntu2.8
python3-nova – 2:21.2.4-0ubuntu2.8
apache2 – 2.4.41-4ubuntu3.19
libtomcat9-java – 9.0.31-1ubuntu0.5
tomcat9 – 9.0.31-1ubuntu0.5
linux-image-5.15.0-113-generic – 5.15.0-113.123~20.04.1
linux-image-5.15.0-113-generic-64k – 5.15.0-113.123~20.04.1
linux-image-5.15.0-113-generic-lpae – 5.15.0-113.123~20.04.1
linux-image-generic-64k-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-generic-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-generic-lpae-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-oem-20.04 – 5.15.0.113.123~20.04.1
linux-image-oem-20.04b – 5.15.0.113.123~20.04.1
linux-image-oem-20.04c – 5.15.0.113.123~20.04.1
linux-image-oem-20.04d – 5.15.0.113.123~20.04.1
linux-image-virtual-hwe-20.04 – 5.15.0.113.123~20.04.1
kopano-archiver – 8.7.0-7ubuntu1.1
kopano-contacts – 8.7.0-7ubuntu1.1
kopano-dagent – 8.7.0-7ubuntu1.1
kopano-gateway – 8.7.0-7ubuntu1.1
kopano-ical – 8.7.0-7ubuntu1.1
kopano-libs – 8.7.0-7ubuntu1.1
kopano-monitor – 8.7.0-7ubuntu1.1
kopano-server – 8.7.0-7ubuntu1.1
kopano-spooler – 8.7.0-7ubuntu1.1
kopano-utils – 8.7.0-7ubuntu1.1
php-mapi – 8.7.0-7ubuntu1.1
python3-mapi – 8.7.0-7ubuntu1.1
linux-image-5.15.0-113-generic – 5.15.0-113.123~20.04.1
linux-image-5.15.0-113-generic-64k – 5.15.0-113.123~20.04.1
linux-image-5.15.0-113-generic-lpae – 5.15.0-113.123~20.04.1
linux-image-generic-64k-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-generic-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-generic-lpae-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-oem-20.04 – 5.15.0.113.123~20.04.1
linux-image-oem-20.04b – 5.15.0.113.123~20.04.1
linux-image-oem-20.04c – 5.15.0.113.123~20.04.1
linux-image-oem-20.04d – 5.15.0.113.123~20.04.1
linux-image-virtual-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-5.15.0-1047-gkeop – 5.15.0-1047.54~20.04.1
linux-image-5.15.0-1059-intel-iotg – 5.15.0-1059.65~20.04.1
linux-image-5.15.0-1062-oracle – 5.15.0-1062.68~20.04.1
linux-image-5.15.0-1067-azure – 5.15.0-1067.76~20.04.1
linux-image-5.15.0-1067-azure-fde – 5.15.0-1067.76~20.04.1.1
linux-image-azure – 5.15.0.1067.76~20.04.1
linux-image-azure-cvm – 5.15.0.1067.76~20.04.1
linux-image-azure-fde – 5.15.0.1067.76~20.04.1.44
linux-image-gkeop-5.15 – 5.15.0.1047.54~20.04.1
linux-image-intel – 5.15.0.1059.65~20.04.1
linux-image-intel-iotg – 5.15.0.1059.65~20.04.1
linux-image-oracle – 5.15.0.1062.68~20.04.1
linux-image-5.15.0-113-lowlatency – 5.15.0-113.123~20.04.1
linux-image-5.15.0-113-lowlatency-64k – 5.15.0-113.123~20.04.1
linux-image-lowlatency-64k-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-lowlatency-hwe-20.04 – 5.15.0.113.123~20.04.1
linux-image-5.4.0-1039-iot – 5.4.0-1039.40
linux-image-5.4.0-1046-xilinx-zynqmp – 5.4.0-1046.50
linux-image-5.4.0-1074-ibm – 5.4.0-1074.79
linux-image-5.4.0-1087-bluefield – 5.4.0-1087.94
linux-image-5.4.0-1094-gkeop – 5.4.0-1094.98
linux-image-5.4.0-1111-raspi – 5.4.0-1111.123
linux-image-5.4.0-1115-kvm – 5.4.0-1115.122
linux-image-5.4.0-1126-oracle – 5.4.0-1126.135
linux-image-5.4.0-1127-aws – 5.4.0-1127.137
linux-image-5.4.0-1131-gcp – 5.4.0-1131.140
linux-image-5.4.0-1132-azure – 5.4.0-1132.139
linux-image-5.4.0-187-generic – 5.4.0-187.207
linux-image-5.4.0-187-generic-lpae – 5.4.0-187.207
linux-image-5.4.0-187-lowlatency – 5.4.0-187.207
linux-image-aws-lts-20.04 – 5.4.0.1127.124
linux-image-azure-lts-20.04 – 5.4.0.1132.126
linux-image-bluefield – 5.4.0.1087.83
linux-image-gcp-lts-20.04 – 5.4.0.1131.133
linux-image-generic – 5.4.0.187.185
linux-image-generic-lpae – 5.4.0.187.185
linux-image-gkeop – 5.4.0.1094.92
linux-image-gkeop-5.4 – 5.4.0.1094.92
linux-image-ibm-lts-20.04 – 5.4.0.1074.103
linux-image-kvm – 5.4.0.1115.111
linux-image-lowlatency – 5.4.0.187.185
linux-image-oem – 5.4.0.187.185
linux-image-oem-osp1 – 5.4.0.187.185
linux-image-oracle-lts-20.04 – 5.4.0.1126.119
linux-image-raspi – 5.4.0.1111.141
linux-image-raspi2 – 5.4.0.1111.141
linux-image-virtual – 5.4.0.187.185
linux-image-xilinx-zynqmp – 5.4.0.1046.46

Ubuntu 18.04
php7.2 – 7.2.24-0ubuntu0.18.04.17+esm4 (dostupné pre Ubuntu Pro)
php7.2-cgi – 7.2.24-0ubuntu0.18.04.17+esm4 (dostupné pre Ubuntu Pro)
php7.2-cli – 7.2.24-0ubuntu0.18.04.17+esm4 (dostupné pre Ubuntu Pro)
php7.2-fpm – 7.2.24-0ubuntu0.18.04.17+esm4 (dostupné pre Ubuntu Pro)
php7.2-xml – 7.2.24-0ubuntu0.18.04.17+esm4 (dostupné pre Ubuntu Pro)
php7.2-xmlrpc – 7.2.24-0ubuntu0.18.04.17+esm4 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1178-azure – 4.15.0-1178.193 (dostupné pre Ubuntu Pro)
linux-image-azure-lts-18.04 – 4.15.0.1178.146 (dostupné pre Ubuntu Pro)
virtuoso-opensource – 6.1.6+repack-0ubuntu9+esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-6.1 – 6.1.6+repack-0ubuntu9+esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-6.1-bin – 6.1.6+repack-0ubuntu9+esm2 (dostupné pre Ubuntu Pro)
libtomcat8-java – 8.5.39-1ubuntu1~18.04.3+esm1 (dostupné pre Ubuntu Pro)
libtomcat9-java – 9.0.16-3ubuntu0.18.04.2+esm1 (dostupné pre Ubuntu Pro)
tomcat8 – 8.5.39-1ubuntu1~18.04.3+esm1 (dostupné pre Ubuntu Pro)
tomcat9 – 9.0.16-3ubuntu0.18.04.2+esm1 (dostupné pre Ubuntu Pro)
kopano-archiver – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-contacts – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-dagent – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-gateway – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-ical – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-libs – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-monitor – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-server – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-spooler – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
kopano-utils – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
php-mapi – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
python-mapi – 8.5.5-0ubuntu1+esm1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1074-ibm – 5.4.0-1074.79~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1111-raspi – 5.4.0-1111.123~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1126-oracle – 5.4.0-1126.135~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1132-azure – 5.4.0-1132.139~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-187-generic – 5.4.0-187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-187-lowlatency – 5.4.0-187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-azure – 5.4.0.1132.139~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-generic-hwe-18.04 – 5.4.0.187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-ibm – 5.4.0.1074.79~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-lowlatency-hwe-18.04 – 5.4.0.187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-oem – 5.4.0.187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-oem-osp1 – 5.4.0.187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-oracle – 5.4.0.1126.135~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-raspi-hwe-18.04 – 5.4.0.1111.123~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-snapdragon-hwe-18.04 – 5.4.0.187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-virtual-hwe-18.04 – 5.4.0.187.207~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1132-oracle – 4.15.0-1132.143 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1153-kvm – 4.15.0-1153.158 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1163-gcp – 4.15.0-1163.180 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1169-aws – 4.15.0-1169.182 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-226-generic – 4.15.0-226.238 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-226-lowlatency – 4.15.0-226.238 (dostupné pre Ubuntu Pro)
linux-image-aws-lts-18.04 – 4.15.0.1169.167 (dostupné pre Ubuntu Pro)
linux-image-gcp-lts-18.04 – 4.15.0.1163.176 (dostupné pre Ubuntu Pro)
linux-image-generic – 4.15.0.226.210 (dostupné pre Ubuntu Pro)
linux-image-kvm – 4.15.0.1153.144 (dostupné pre Ubuntu Pro)
linux-image-lowlatency – 4.15.0.226.210 (dostupné pre Ubuntu Pro)
linux-image-oracle-lts-18.04 – 4.15.0.1132.137 (dostupné pre Ubuntu Pro)
linux-image-virtual – 4.15.0.226.210 (dostupné pre Ubuntu Pro)

Ubuntu 16.04
php7.0 – 7.0.33-0ubuntu0.16.04.16+esm10 (dostupné pre Ubuntu Pro)
php7.0-cgi – 7.0.33-0ubuntu0.16.04.16+esm10 (dostupné pre Ubuntu Pro)
php7.0-cli – 7.0.33-0ubuntu0.16.04.16+esm10 (dostupné pre Ubuntu Pro)
php7.0-fpm – 7.0.33-0ubuntu0.16.04.16+esm10 (dostupné pre Ubuntu Pro)
php7.0-xml – 7.0.33-0ubuntu0.16.04.16+esm10 (dostupné pre Ubuntu Pro)
php7.0-xmlrpc – 7.0.33-0ubuntu0.16.04.16+esm10 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1178-azure – 4.15.0-1178.193~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-azure – 4.15.0.1178.193~16.04.1 (dostupné pre Ubuntu Pro)
virtuoso-opensource – 6.1.6+repack-0ubuntu5+esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-6.1 – 6.1.6+repack-0ubuntu5+esm2 (dostupné pre Ubuntu Pro)
virtuoso-opensource-6.1-bin – 6.1.6+repack-0ubuntu5+esm2 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1132-oracle – 4.15.0-1132.143~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1163-gcp – 4.15.0-1163.180~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1169-aws – 4.15.0-1169.182~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-226-generic – 4.15.0-226.238~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-226-lowlatency – 4.15.0-226.238~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-aws-hwe – 4.15.0.1169.182~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-gcp – 4.15.0.1163.180~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-generic-hwe-16.04 – 4.15.0.226.238~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-gke – 4.15.0.1163.180~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-lowlatency-hwe-16.04 – 4.15.0.226.238~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-oem – 4.15.0.226.238~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-oracle – 4.15.0.1132.143~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-virtual-hwe-16.04 – 4.15.0.226.238~16.04.1 (dostupné pre Ubuntu Pro)

Následky
Vykonanie škodlivého kódu
Neoprávnený prístup k citlivým údajom
Neoprávnená zmena v systéme
Zneprístupnenie služby
Odporúčania
Administrátorom a používateľom odporúčame bezodkladne vykonať aktualizáciu zasiahnutých systémov.
Po odstránení zraniteľností, ktoré mohli spôsobiť vzdialené vykonanie kódu, je dobrou praxou kontrola systému a zmena všetkých hesiel a kľúčov na dotknutom systéme a aj na iných systémoch, kde sa používalo rovnaké heslo či kľúč.
Zdroje
https://ubuntu.com/security/notices/USN-6305-3
https://ubuntu.com/security/CVE-2023-3824
https://ubuntu.com/security/notices/USN-6864-2
https://ubuntu.com/security/notices/USN-6873-2
https://ubuntu.com/security/notices/USN-6870-2
https://ubuntu.com/security/notices/USN-6866-2
https://ubuntu.com/security/notices/USN-6879-1
https://ubuntu.com/security/notices/USN-6882-1
https://ubuntu.com/security/notices/USN-6883-1
https://ubuntu.com/security/notices/USN-6884-1
https://ubuntu.com/security/notices/USN-6885-1
https://ubuntu.com/security/notices/USN-6880-1
https://ubuntu.com/security/notices/USN-6871-1
https://ubuntu.com/security/notices/USN-6872-1
https://ubuntu.com/security/notices/USN-6873-1
https://ubuntu.com/security/notices/USN-6874-1
https://ubuntu.com/security/notices/USN-6863-1
https://ubuntu.com/security/notices/USN-6864-1
https://ubuntu.com/security/notices/USN-6875-1
https://ubuntu.com/security/notices/USN-6877-1
https://ubuntu.com/security/notices/USN-6878-1
https://ubuntu.com/security/notices/USN-6876-1
https://ubuntu.com/security/CVE-2022-26562
https://ubuntu.com/security/CVE-2019-19907
https://ubuntu.com/security/notices/USN-6871-1
https://ubuntu.com/security/notices/USN-6870-1
https://ubuntu.com/security/notices/USN-6869-1
https://ubuntu.com/security/notices/USN-6868-1
https://ubuntu.com/security/notices/USN-6866-1
https://github.com/jhonnybonny/CVE-2023-3824

« Späť na zoznam