SK-CERT Bezpečnostné varovanie V20240925-18

Dôležitosť Kritická
Klasifikácia Neutajované/TLP:CLEAR
CVSS Skóre
9.8
Identifikátor
Linux Ubuntu – viacero kritických bezpečnostných zraniteľností
Popis
Vývojári Linux distribúcie Ubuntu vydali bezpečnostnú aktualizáciu svojho produktu, ktorá opravuje viacero bezpečnostných zraniteľností, z ktorých je viacero označených ako kritických.
Najzávažnejšie kritické bezpečnostné zraniteľnosti s identifikátormi CVE-2024-38474 a CVE-2024-38476 sa nachádzajú v balíčku apache2, spočívajú v nedostatočnej implementácii bezpečnostných mechanizmov a umožňujú vzdialenému, neautentifikovanému útočníkovi vykonať škodlivý kód, získať neoprávnený prístup k citlivým údajom, vykonať neoprávnené zmeny v systéme a spôsobiť zneprístupnenie služby.
Zneužitím ostatných bezpečnostných zraniteľností možno získať neoprávnený prístup k citlivým údajom, vykonať neoprávnené zmeny v systéme, spôsobiť zneprístupnenie služby, eskalovať privilégiá a vykonať škodlivý kód.
Zneužitie niektorých zraniteľností vyžaduje interakciu používateľa.
Dátum prvého zverejnenia varovania
22.9.2024
CVE
CVE-2024-8088, CVE-2024-7592, CVE-2024-7348, CVE-2024-6923, CVE-2024-6387, CVE-2024-6232, CVE-2024-45492, CVE-2024-45491, CVE-2024-45490, CVE-2024-44070, CVE-2024-42247, CVE-2024-42244, CVE-2024-42240, CVE-2024-42236, CVE-2024-42232, CVE-2024-42229, CVE-2024-42228, CVE-2024-42225, CVE-2024-42224, CVE-2024-42223, CVE-2024-42161, CVE-2024-42160, CVE-2024-42159, CVE-2024-42157, CVE-2024-42154, CVE-2024-42153, CVE-2024-42152, CVE-2024-42148, CVE-2024-42145, CVE-2024-42140, CVE-2024-42137, CVE-2024-42131, CVE-2024-42130, CVE-2024-42127, CVE-2024-42124, CVE-2024-42121, CVE-2024-42120, CVE-2024-42119, CVE-2024-42115, CVE-2024-42109, CVE-2024-42106, CVE-2024-42105, CVE-2024-42104, CVE-2024-42102, CVE-2024-42101, CVE-2024-42098, CVE-2024-42097, CVE-2024-42096, CVE-2024-42095, CVE-2024-42094, CVE-2024-42093, CVE-2024-42092, CVE-2024-42090, CVE-2024-42089, CVE-2024-42087, CVE-2024-42086, CVE-2024-42085, CVE-2024-42084, CVE-2024-42082, CVE-2024-42080, CVE-2024-42077, CVE-2024-42076, CVE-2024-42070, CVE-2024-42068, CVE-2024-41097, CVE-2024-41095, CVE-2024-41093, CVE-2024-41092, CVE-2024-41089, CVE-2024-41087, CVE-2024-41055, CVE-2024-41049, CVE-2024-41048, CVE-2024-41047, CVE-2024-41046, CVE-2024-41044, CVE-2024-41041, CVE-2024-41040, CVE-2024-41035, CVE-2024-41034, CVE-2024-41027, CVE-2024-41009, CVE-2024-41007, CVE-2024-41006, CVE-2024-41005, CVE-2024-41004, CVE-2024-41002, CVE-2024-41000, CVE-2024-40995, CVE-2024-40994, CVE-2024-40990, CVE-2024-40988, CVE-2024-40987, CVE-2024-40984, CVE-2024-40983, CVE-2024-40981, CVE-2024-40980, CVE-2024-40978, CVE-2024-40976, CVE-2024-40974, CVE-2024-40971, CVE-2024-40970, CVE-2024-40968, CVE-2024-40967, CVE-2024-40963, CVE-2024-40961, CVE-2024-40960, CVE-2024-40959, CVE-2024-40958, CVE-2024-40957, CVE-2024-40956, CVE-2024-40954, CVE-2024-40945, CVE-2024-40943, CVE-2024-40942, CVE-2024-40941, CVE-2024-40937, CVE-2024-40934, CVE-2024-40932, CVE-2024-40931, CVE-2024-40929, CVE-2024-40927, CVE-2024-40916, CVE-2024-40914, CVE-2024-40912, CVE-2024-40911, CVE-2024-40908, CVE-2024-40905, CVE-2024-40904, CVE-2024-40902, CVE-2024-40901, CVE-2024-39509, CVE-2024-39507, CVE-2024-39506, CVE-2024-39505, CVE-2024-39503, CVE-2024-39502, CVE-2024-39501, CVE-2024-39500, CVE-2024-39499, CVE-2024-39496, CVE-2024-39495, CVE-2024-39494, CVE-2024-39490, CVE-2024-39489, CVE-2024-39488, CVE-2024-39487, CVE-2024-39484, CVE-2024-39482, CVE-2024-39480, CVE-2024-39475, CVE-2024-39471, CVE-2024-39469, CVE-2024-39468, CVE-2024-39467, CVE-2024-39466, CVE-2024-39331, CVE-2024-39301, CVE-2024-39292, CVE-2024-39277, CVE-2024-39276, CVE-2024-38780, CVE-2024-38661, CVE-2024-38659, CVE-2024-38637, CVE-2024-38635, CVE-2024-38634, CVE-2024-38633, CVE-2024-38627, CVE-2024-38624, CVE-2024-38623, CVE-2024-38621, CVE-2024-38619, CVE-2024-38618, CVE-2024-38615, CVE-2024-38613, CVE-2024-38612, CVE-2024-38610, CVE-2024-38607, CVE-2024-38605, CVE-2024-38601, CVE-2024-38600, CVE-2024-38599, CVE-2024-38598, CVE-2024-38597, CVE-2024-38596, CVE-2024-38591, CVE-2024-38590, CVE-2024-38589, CVE-2024-38588, CVE-2024-38586, CVE-2024-38583, CVE-2024-38582, CVE-2024-38580, CVE-2024-38579, CVE-2024-38578, CVE-2024-38573, CVE-2024-38571, CVE-2024-38570, CVE-2024-38567, CVE-2024-38565, CVE-2024-38560, CVE-2024-38559, CVE-2024-38558, CVE-2024-38555, CVE-2024-38552, CVE-2024-38550, CVE-2024-38549, CVE-2024-38548, CVE-2024-38547, CVE-2024-38546, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-37356, CVE-2024-37078, CVE-2024-36978, CVE-2024-36975, CVE-2024-36974, CVE-2024-36972, CVE-2024-36971, CVE-2024-36969, CVE-2024-36967, CVE-2024-36965, CVE-2024-36964, CVE-2024-36960, CVE-2024-36959, CVE-2024-36957, CVE-2024-36955, CVE-2024-36954, CVE-2024-36953, CVE-2024-36952, CVE-2024-36950, CVE-2024-36947, CVE-2024-36946, CVE-2024-36941, CVE-2024-36940, CVE-2024-36939, CVE-2024-36938, CVE-2024-36937, CVE-2024-36934, CVE-2024-36933, CVE-2024-36931, CVE-2024-36929, CVE-2024-36928, CVE-2024-36919, CVE-2024-36916, CVE-2024-36906, CVE-2024-36905, CVE-2024-36904, CVE-2024-36902, CVE-2024-36901, CVE-2024-36894, CVE-2024-36889, CVE-2024-36886, CVE-2024-36883, CVE-2024-36880, CVE-2024-36489, CVE-2024-36286, CVE-2024-36270, CVE-2024-36032, CVE-2024-36031, CVE-2024-36029, CVE-2024-36025, CVE-2024-36020, CVE-2024-36017, CVE-2024-36016, CVE-2024-36015, CVE-2024-36014, CVE-2024-36008, CVE-2024-36007, CVE-2024-36006, CVE-2024-36005, CVE-2024-36004, CVE-2024-35997, CVE-2024-35990, CVE-2024-35989, CVE-2024-35988, CVE-2024-35984, CVE-2024-35982, CVE-2024-35978, CVE-2024-35976, CVE-2024-35973, CVE-2024-35970, CVE-2024-35969, CVE-2024-35960, CVE-2024-35958, CVE-2024-35955, CVE-2024-35950, CVE-2024-35947, CVE-2024-35944, CVE-2024-35940, CVE-2024-35938, CVE-2024-35936, CVE-2024-35935, CVE-2024-35934, CVE-2024-35933, CVE-2024-35930, CVE-2024-35927, CVE-2024-35925, CVE-2024-35922, CVE-2024-35915, CVE-2024-35912, CVE-2024-35910, CVE-2024-35907, CVE-2024-35905, CVE-2024-35902, CVE-2024-35900, CVE-2024-35899, CVE-2024-35898, CVE-2024-35897, CVE-2024-35896, CVE-2024-35895, CVE-2024-35893, CVE-2024-35890, CVE-2024-35888, CVE-2024-35886, CVE-2024-35885, CVE-2024-35884, CVE-2024-35879, CVE-2024-35877, CVE-2024-35872, CVE-2024-35871, CVE-2024-35857, CVE-2024-35855, CVE-2024-35854, CVE-2024-35853, CVE-2024-35852, CVE-2024-35851, CVE-2024-35849, CVE-2024-35848, CVE-2024-35847, CVE-2024-35825, CVE-2024-35823, CVE-2024-35822, CVE-2024-35821, CVE-2024-35819, CVE-2024-35817, CVE-2024-35815, CVE-2024-35813, CVE-2024-35809, CVE-2024-35807, CVE-2024-35806, CVE-2024-35805, CVE-2024-35804, CVE-2024-35796, CVE-2024-35791, CVE-2024-35789, CVE-2024-35785, CVE-2024-35247, CVE-2024-34777, CVE-2024-34509, CVE-2024-34508, CVE-2024-34027, CVE-2024-33847, CVE-2024-33621, CVE-2024-32465, CVE-2024-32021, CVE-2024-32020, CVE-2024-32004, CVE-2024-32002, CVE-2024-31076, CVE-2024-30205, CVE-2024-30204, CVE-2024-30203, CVE-2024-28130, CVE-2024-27437, CVE-2024-27401, CVE-2024-27399, CVE-2024-27398, CVE-2024-27396, CVE-2024-27395, CVE-2024-27393, CVE-2024-27059, CVE-2024-27020, CVE-2024-27019, CVE-2024-27018, CVE-2024-27017, CVE-2024-27016, CVE-2024-27015, CVE-2024-27013, CVE-2024-27012, CVE-2024-27009, CVE-2024-27008, CVE-2024-27004, CVE-2024-27001, CVE-2024-27000, CVE-2024-26999, CVE-2024-26996, CVE-2024-26994, CVE-2024-26993, CVE-2024-26989, CVE-2024-26988, CVE-2024-26984, CVE-2024-26981, CVE-2024-26980, CVE-2024-26977, CVE-2024-26976, CVE-2024-26974, CVE-2024-26973, CVE-2024-26970, CVE-2024-26969, CVE-2024-26966, CVE-2024-26965, CVE-2024-26964, CVE-2024-26961, CVE-2024-26960, CVE-2024-26958, CVE-2024-26957, CVE-2024-26956, CVE-2024-26955, CVE-2024-26952, CVE-2024-26951, CVE-2024-26950, CVE-2024-26937, CVE-2024-26936, CVE-2024-26935, CVE-2024-26934, CVE-2024-26931, CVE-2024-26929, CVE-2024-26926, CVE-2024-26925, CVE-2024-26923, CVE-2024-26922, CVE-2024-26921, CVE-2024-26900, CVE-2024-26886, CVE-2024-26830, CVE-2024-26828, CVE-2024-26817, CVE-2024-26814, CVE-2024-26813, CVE-2024-26812, CVE-2024-26811, CVE-2024-26810, CVE-2024-26787, CVE-2024-26687, CVE-2024-26680, CVE-2024-26677, CVE-2024-26654, CVE-2024-26642, CVE-2024-26629, CVE-2024-25742, CVE-2024-25741, CVE-2024-25739, CVE-2024-24861, CVE-2024-24859, CVE-2024-24858, CVE-2024-24857, CVE-2024-23848, CVE-2024-23307, CVE-2024-20506, CVE-2024-20505, CVE-2024-0727, CVE-2023-52887, CVE-2023-52884, CVE-2023-52882, CVE-2023-52880, CVE-2023-52760, CVE-2023-52752, CVE-2023-52699, CVE-2023-52629, CVE-2023-52585, CVE-2023-52488, CVE-2023-3446, CVE-2023-28617, CVE-2023-27043, CVE-2023-25815, CVE-2022-48863, CVE-2022-48808, CVE-2022-48791, CVE-2022-48772, CVE-2022-48339, CVE-2022-48338, CVE-2022-48337, CVE-2022-45939, CVE-2022-43272, CVE-2022-38096, CVE-2022-2121, CVE-2022-2068, CVE-2022-1292, CVE-2021-47188, CVE-2021-41690, CVE-2021-41689, CVE-2021-41688, CVE-2021-41687, CVE-2021-23840, CVE-2020-1968
IOC
Zasiahnuté systémy
Ubuntu 24.04
clamav – 1.0.7+dfsg-0ubuntu0.24.04.1
python3.12 – 3.12.3-1ubuntu0.2
python3.12-minimal – 3.12.3-1ubuntu0.2
dcmtk – 3.6.7-9.1ubuntu0.1~esm1 (dosatupné pre Ubuntu Pro)
libdcmtk17t64 – 3.6.7-9.1ubuntu0.1~esm1 (dosatupné pre Ubuntu Pro)
libxmltok1t64 – 1.2-4.1ubuntu2.24.0.4.1+esm1 (dosatupné pre Ubuntu Pro)
frr – 8.4.4-1.1ubuntu6.2
linux-image-6.8.0-1011-gke – 6.8.0-1011.14
linux-image-6.8.0-1013-ibm – 6.8.0-1013.13
linux-image-6.8.0-1013-oem – 6.8.0-1013.13
linux-image-6.8.0-1013-oracle – 6.8.0-1013.13
linux-image-6.8.0-1013-oracle-64k – 6.8.0-1013.13
linux-image-6.8.0-1014-nvidia – 6.8.0-1014.15
linux-image-6.8.0-1014-nvidia-64k – 6.8.0-1014.15
linux-image-6.8.0-1014-nvidia-lowlatency – 6.8.0-1014.15.1
linux-image-6.8.0-1014-nvidia-lowlatency-64k – 6.8.0-1014.15.1
linux-image-6.8.0-1015-gcp – 6.8.0-1015.17
linux-image-6.8.0-1016-aws – 6.8.0-1016.17
linux-image-6.8.0-45-generic – 6.8.0-45.45
linux-image-6.8.0-45-generic-64k – 6.8.0-45.45
linux-image-6.8.0-45-lowlatency – 6.8.0-45.45.1
linux-image-6.8.0-45-lowlatency-64k – 6.8.0-45.45.1
linux-image-aws – 6.8.0-1016.17
linux-image-gcp – 6.8.0-1015.17
linux-image-generic – 6.8.0-45.45
linux-image-generic-64k – 6.8.0-45.45
linux-image-generic-64k-hwe-24.04 – 6.8.0-45.45
linux-image-generic-hwe-24.04 – 6.8.0-45.45
linux-image-generic-lpae – 6.8.0-45.45
linux-image-gke – 6.8.0-1011.14
linux-image-ibm – 6.8.0-1013.13
linux-image-ibm-classic – 6.8.0-1013.13
linux-image-ibm-lts-24.04 – 6.8.0-1013.13
linux-image-kvm – 6.8.0-45.45
linux-image-lowlatency – 6.8.0-45.45.1
linux-image-lowlatency-64k – 6.8.0-45.45.1
linux-image-nvidia – 6.8.0-1014.15
linux-image-nvidia-64k – 6.8.0-1014.15
linux-image-nvidia-lowlatency – 6.8.0-1014.15.1
linux-image-nvidia-lowlatency-64k – 6.8.0-1014.15.1
linux-image-oem-24.04 – 6.8.0-1013.13
linux-image-oem-24.04a – 6.8.0-1013.13
linux-image-oracle – 6.8.0-1013.13
linux-image-oracle-64k – 6.8.0-1013.13
linux-image-virtual – 6.8.0-45.45
linux-image-virtual-hwe-24.04 – 6.8.0-45.45
emacs – 1:29.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)
emacs-bin-common – 1:29.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)
emacs-common – 1:29.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)
emacs-el – 1:29.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)

Ubuntu 22.04
clamav – 0.103.12+dfsg-0ubuntu0.22.04.1
python3.10 – 3.10.12-1~22.04.6
python3.10-minimal – 3.10.12-1~22.04.6
dcmtk – 3.6.6-5ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
libdcmtk16 – 3.6.6-5ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
expat – 2.4.7-1ubuntu0.4
libexpat1 – 2.4.7-1ubuntu0.4
frr – 8.1-1ubuntu1.11
linux-image-5.15.0-1035-xilinx-zynqmp – 5.15.0-1035.39
linux-image-xilinx-zynqmp – 5.15.0.1035.39
linux-image-6.8.0-1014-nvidia – 6.8.0-1014.15~22.04.1
linux-image-6.8.0-1014-nvidia-64k – 6.8.0-1014.15~22.04.1
linux-image-6.8.0-45-lowlatency – 6.8.0-45.45.1~22.04.1
linux-image-6.8.0-45-lowlatency-64k – 6.8.0-45.45.1~22.04.1
linux-image-lowlatency-64k-hwe-22.04 – 6.8.0-45.45.1~22.04.1
linux-image-lowlatency-hwe-22.04 – 6.8.0-45.45.1~22.04.1
linux-image-nvidia-6.8 – 6.8.0-1014.15~22.04.1
linux-image-nvidia-64k-6.8 – 6.8.0-1014.15~22.04.1
linux-image-5.15.0-1053-gkeop – 5.15.0-1053.60
linux-image-5.15.0-1063-ibm – 5.15.0-1063.66
linux-image-5.15.0-1063-raspi – 5.15.0-1063.66
linux-image-5.15.0-1065-intel-iotg – 5.15.0-1065.71
linux-image-5.15.0-1065-nvidia – 5.15.0-1065.66
linux-image-5.15.0-1065-nvidia-lowlatency – 5.15.0-1065.66
linux-image-5.15.0-1067-gke – 5.15.0-1067.73
linux-image-5.15.0-1067-kvm – 5.15.0-1067.72
linux-image-5.15.0-1068-oracle – 5.15.0-1068.74
linux-image-5.15.0-1069-gcp – 5.15.0-1069.77
linux-image-5.15.0-1070-aws – 5.15.0-1070.76
linux-image-5.15.0-1073-azure – 5.15.0-1073.82
linux-image-5.15.0-122-generic – 5.15.0-122.132
linux-image-5.15.0-122-generic-64k – 5.15.0-122.132
linux-image-5.15.0-122-generic-lpae – 5.15.0-122.132
linux-image-aws-lts-22.04 – 5.15.0.1070.70
linux-image-azure-lts-22.04 – 5.15.0.1073.71
linux-image-gcp-lts-22.04 – 5.15.0.1069.65
linux-image-generic – 5.15.0.122.122
linux-image-generic-64k – 5.15.0.122.122
linux-image-generic-lpae – 5.15.0.122.122
linux-image-gke – 5.15.0.1067.66
linux-image-gke-5.15 – 5.15.0.1067.66
linux-image-gkeop – 5.15.0.1053.52
linux-image-gkeop-5.15 – 5.15.0.1053.52
linux-image-ibm – 5.15.0.1063.59
linux-image-intel-iotg – 5.15.0.1065.65
linux-image-kvm – 5.15.0.1067.63
linux-image-nvidia – 5.15.0.1065.65
linux-image-nvidia-lowlatency – 5.15.0.1065.65
linux-image-oracle-lts-22.04 – 5.15.0.1068.64
linux-image-raspi – 5.15.0.1063.61
linux-image-raspi-nolpae – 5.15.0.1063.61
linux-image-virtual – 5.15.0.122.122
emacs – 1:27.1+1-3ubuntu5.2
emacs-bin-common – 1:27.1+1-3ubuntu5.2
emacs-common – 1:27.1+1-3ubuntu5.2
emacs-el – 1:27.1+1-3ubuntu5.2
python2.7 – 2.7.18-13ubuntu1.2+esm2 (dosatupné pre Ubuntu Pro)
python2.7-minimal – 2.7.18-13ubuntu1.2+esm2 (dosatupné pre Ubuntu Pro)

Ubuntu 20.04
clamav – 0.103.12+dfsg-0ubuntu0.20.04.1
python3.8 – 3.8.10-0ubuntu1~20.04.12
python3.8-minimal – 3.8.10-0ubuntu1~20.04.12
dcmtk – 3.6.4-2.1ubuntu0.1
libdcmtk14 – 3.6.4-2.1ubuntu0.1
linux-image-5.15.0-1053-gkeop – 5.15.0-1053.60~20.04.1
linux-image-5.15.0-1065-intel-iotg – 5.15.0-1065.71~20.04.1
linux-image-5.15.0-1069-gcp – 5.15.0-1069.77~20.04.1
linux-image-5.15.0-1070-aws – 5.15.0-1070.76~20.04.1
linux-image-5.15.0-1073-azure – 5.15.0-1073.82~20.04.1
linux-image-5.15.0-122-generic – 5.15.0-122.132~20.04.1
linux-image-5.15.0-122-generic-64k – 5.15.0-122.132~20.04.1
linux-image-5.15.0-122-generic-lpae – 5.15.0-122.132~20.04.1
linux-image-aws – 5.15.0.1070.76~20.04.1
linux-image-azure – 5.15.0.1073.82~20.04.1
linux-image-azure-cvm – 5.15.0.1073.82~20.04.1
linux-image-gcp – 5.15.0.1069.77~20.04.1
linux-image-generic-64k-hwe-20.04 – 5.15.0.122.132~20.04.1
linux-image-generic-hwe-20.04 – 5.15.0.122.132~20.04.1
linux-image-generic-lpae-hwe-20.04 – 5.15.0.122.132~20.04.1
linux-image-gkeop-5.15 – 5.15.0.1053.60~20.04.1
linux-image-intel – 5.15.0.1065.71~20.04.1
linux-image-intel-iotg – 5.15.0.1065.71~20.04.1
linux-image-oem-20.04 – 5.15.0.122.132~20.04.1
linux-image-oem-20.04b – 5.15.0.122.132~20.04.1
linux-image-oem-20.04c – 5.15.0.122.132~20.04.1
linux-image-oem-20.04d – 5.15.0.122.132~20.04.1
linux-image-virtual-hwe-20.04 – 5.15.0.122.132~20.04.1
linux-image-5.4.0-1052-xilinx-zynqmp – 5.4.0-1052.56
linux-image-5.4.0-1080-ibm – 5.4.0-1080.85
linux-image-5.4.0-1093-bluefield – 5.4.0-1093.100
linux-image-5.4.0-1100-gkeop – 5.4.0-1100.104
linux-image-5.4.0-1121-kvm – 5.4.0-1121.129
linux-image-5.4.0-1132-oracle – 5.4.0-1132.141
linux-image-5.4.0-1133-aws – 5.4.0-1133.143
linux-image-5.4.0-1137-gcp – 5.4.0-1137.146
linux-image-5.4.0-1138-azure – 5.4.0-1138.145
linux-image-5.4.0-196-generic – 5.4.0-196.216
linux-image-5.4.0-196-generic-lpae – 5.4.0-196.216
linux-image-5.4.0-196-lowlatency – 5.4.0-196.216
linux-image-aws-lts-20.04 – 5.4.0.1133.130
linux-image-azure-lts-20.04 – 5.4.0.1138.132
linux-image-bluefield – 5.4.0.1093.89
linux-image-gcp-lts-20.04 – 5.4.0.1137.139
linux-image-generic – 5.4.0.196.194
linux-image-generic-lpae – 5.4.0.196.194
linux-image-gkeop – 5.4.0.1100.98
linux-image-gkeop-5.4 – 5.4.0.1100.98
linux-image-ibm-lts-20.04 – 5.4.0.1080.109
linux-image-kvm – 5.4.0.1121.117
linux-image-lowlatency – 5.4.0.196.194
linux-image-oem – 5.4.0.196.194
linux-image-oem-osp1 – 5.4.0.196.194
linux-image-oracle-lts-20.04 – 5.4.0.1132.125
linux-image-virtual – 5.4.0.196.194
linux-image-xilinx-zynqmp – 5.4.0.1052.52
emacs – 1:26.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)
emacs-bin-common – 1:26.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)
emacs-common – 1:26.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)
emacs-el – 1:26.3+1-1ubuntu2+esm1 (dosatupné pre Ubuntu Pro)
python2.7 – 2.7.18-1~20.04.4+esm2 (dosatupné pre Ubuntu Pro)
python2.7-minimal – 2.7.18-1~20.04.4+esm2 (dosatupné pre Ubuntu Pro)

Ubuntu 18.04
dcmtk – 3.6.2-3ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
libdcmtk12 – 3.6.2-3ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
clamav – 0.103.12+dfsg-0ubuntu0.18.04.1+esm1 (dosatupné pre Ubuntu Pro)
apache2 – 2.4.29-1ubuntu4.27+esm3 (dosatupné pre Ubuntu Pro)
linux-image-5.4.0-1080-ibm – 5.4.0-1080.85~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-5.4.0-1132-oracle – 5.4.0-1132.141~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-5.4.0-1133-aws – 5.4.0-1133.143~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-5.4.0-1137-gcp – 5.4.0-1137.146~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-5.4.0-1138-azure – 5.4.0-1138.145~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-5.4.0-196-generic – 5.4.0-196.216~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-5.4.0-196-lowlatency – 5.4.0-196.216~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-aws – 5.4.0.1133.143~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-azure – 5.4.0.1138.145~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-gcp – 5.4.0.1137.146~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-generic-hwe-18.04 – 5.4.0.196.216~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-ibm – 5.4.0.1080.85~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-lowlatency-hwe-18.04 – 5.4.0.196.216~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-oem – 5.4.0.196.216~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-oem-osp1 – 5.4.0.196.216~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-oracle – 5.4.0.1132.141~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-snapdragon-hwe-18.04 – 5.4.0.196.216~18.04.1 (dosatupné pre Ubuntu Pro)
linux-image-virtual-hwe-18.04 – 5.4.0.196.216~18.04.1 (dosatupné pre Ubuntu Pro)
git – 1:2.17.1-1ubuntu0.18+esm1 (dosatupné pre Ubuntu Pro)
emacs25 – 25.2+1-6ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
emacs25-bin-common – 25.2+1-6ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
emacs25-common – 25.2+1-6ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
emacs25-el – 25.2+1-6ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
python2.7 – 2.7.17-1~18.04ubuntu1.13+esm5 (dosatupné pre Ubuntu Pro)
python2.7-minimal – 2.7.17-1~18.04ubuntu1.13+esm5 (dosatupné pre Ubuntu Pro)

Ubuntu 16.04
dcmtk – 3.6.1~20150924-5ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
libdcmtk5 – 3.6.1~20150924-5ubuntu0.1~esm2 (dosatupné pre Ubuntu Pro)
clamav – 0.103.12+dfsg-0ubuntu0.16.04.1+esm1 (dosatupné pre Ubuntu Pro)
apache2 – 2.4.18-2ubuntu3.17+esm13 (dosatupné pre Ubuntu Pro)
git – 1:2.7.4-0ubuntu1.10+esm8 (dosatupné pre Ubuntu Pro)
emacs24 – 24.5+1-6ubuntu1.1+esm4 (dosatupné pre Ubuntu Pro)
emacs24-bin-common – 24.5+1-6ubuntu1.1+esm4 (dosatupné pre Ubuntu Pro)
emacs24-common – 24.5+1-6ubuntu1.1+esm4 (dosatupné pre Ubuntu Pro)
emacs24-el – 24.5+1-6ubuntu1.1+esm4 (dosatupné pre Ubuntu Pro)
python2.7 – 2.7.12-1ubuntu0~16.04.18+esm10 (dosatupné pre Ubuntu Pro)
python2.7-minimal – 2.7.12-1ubuntu0~16.04.18+esm10 (dosatupné pre Ubuntu Pro)
python3.5 – 3.5.2-2ubuntu0~16.04.13+esm14 (dosatupné pre Ubuntu Pro)
python3.5-minimal – 3.5.2-2ubuntu0~16.04.13+esm14 (dosatupné pre Ubuntu Pro)
postgresql-9.5 – 9.5.25-0ubuntu0.16.04.1+esm8 (dosatupné pre Ubuntu Pro)
postgresql-client-9.5 – 9.5.25-0ubuntu0.16.04.1+esm8 (dosatupné pre Ubuntu Pro)

Ubuntu 14.04
libssl1.0.0 – 1.0.1f-1ubuntu2.27+esm10 (dosatupné pre Ubuntu Pro)
openssl – 1.0.1f-1ubuntu2.27+esm10 (dosatupné pre Ubuntu Pro)

Následky
Vykonanie škodlivého kódu
Eskalácia privilégií
Neoprávnený prístup k citlivým údajom
Neoprávnená zmena v systéme
Zneprístupnenie služby
Odporúčania
Administrátorom a používateľom odporúčame bezodkladne vykonať aktualizáciu zasiahnutých systémov.
Pri produktoch, pre ktoré ešte neboli vydané bezpečnostné záplaty, odporúčame zraniteľnosti mitigovať podľa odporúčaní od výrobcu, sledovať stránky výrobcu a po vydaní príslušných záplat systémy aktualizovať.
Po odstránení zraniteľností, ktoré mohli spôsobiť vzdialené vykonanie kódu, je dobrou praxou kontrola systému a zmena všetkých hesiel a kľúčov na dotknutom systéme a aj na iných systémoch, kde sa používalo rovnaké heslo či kľúč.
Taktiež odporúčame poučiť používateľov, aby neotvárali neoverené e-mailové správy, prílohy z neznámych zdrojov a nenavštevovali nedôveryhodné webové stránky.
Zdroje
https://ubuntu.com/security/notices/USN-6885-3
https://ubuntu.com/security/CVE-2024-38474
https://ubuntu.com/security/CVE-2024-38476
https://ubuntu.com/security/notices/USN-7011-1
https://ubuntu.com/security/notices/USN-7015-1
https://ubuntu.com/security/notices/USN-7010-1
https://ubuntu.com/security/notices/USN-7011-2
https://ubuntu.com/security/notices/USN-7001-2
https://ubuntu.com/security/notices/USN-7000-2
https://ubuntu.com/security/notices/USN-7016-1
https://ubuntu.com/security/notices/USN-7018-1
https://ubuntu.com/security/notices/USN-7019-1
https://ubuntu.com/security/notices/USN-7020-1
https://ubuntu.com/security/notices/USN-7021-1
https://ubuntu.com/security/notices/USN-7022-1
https://ubuntu.com/security/notices/USN-7023-1
https://ubuntu.com/security/notices/USN-7027-1
https://ubuntu.com/security/notices/USN-7015-2
https://ubuntu.com/security/notices/USN-6968-2

« Späť na zoznam