CERTFR-2025-AVI-0335_Multiples vulnérabilités dans le noyau Linux de Red Hat
AVIS CERT
CERT-FR
Publié le 18 avril 2025 à 14h53
Objet
Multiples vulnérabilités dans le noyau Linux de Red Hat
Référence
CERTFR-2025-AVI-0335
Risques
- Déni de service
- Contournement de la politique de sécurité
- Atteinte à la confidentialité des données
Systèmes affectés
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
- Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
- Red Hat Enterprise Linux Server - TUS 8.8 x86_64
- Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
- Red Hat Enterprise Linux Server - AUS 9.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
- Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux Server - AUS 7.7 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
Résumé
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un déni de service.
Documentation
- Bulletin de sécurité Red Hat RHSA-2025:3880
- Bulletin de sécurité Red Hat RHSA-2025:3894
- Bulletin de sécurité Red Hat RHSA-2025:3839
- Bulletin de sécurité Red Hat RHSA-2025:3889
- Bulletin de sécurité Red Hat RHSA-2025:3887
- Bulletin de sécurité Red Hat RHSA-2025:3901
- Bulletin de sécurité Red Hat RHSA-2025:3935
- Bulletin de sécurité Red Hat RHSA-2025:3937
- Bulletin de sécurité Red Hat RHSA-2025:3893
- Bulletin de sécurité Red Hat RHSA-2025:3838
- Bulletin de sécurité Red Hat RHSA-2025:3827
- Bulletin de sécurité Red Hat RHSA-2025:3832
- Bulletin de sécurité Red Hat RHSA-2025:3931
- Bulletin de sécurité Red Hat RHSA-2025:3903
- Bulletin de sécurité Red Hat RHSA-2025:3861
- CVE-2024-36939
- CVE-2024-26614
- CVE-2023-52762
- CVE-2024-53150
- CVE-2024-50192
- CVE-2023-52784
- CVE-2024-26779
- CVE-2024-27048
- CVE-2024-36902
- CVE-2024-53241
- CVE-2024-35938
- CVE-2024-36010
- CVE-2024-35900
- CVE-2022-49541
- CVE-2021-47101