{ "document" : { "aggregate_severity" : { "text" : "hoch" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "Die GNU libc ist die Basis C Bibliothek unter Linux sowie anderen Unix-Betriebssystemen, welche die Systemaufrufe sowie Basisfunktionalität bereitstellt.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein Angreifer kann eine Schwachstelle in GNU libc ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, Code auszuführen oder seine Privilegien zu erweitern.", "title" : "Angriff" }, { "category" : "general", "text" : "- Linux\n- UNIX", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2024-0926 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0926.json" }, { "category" : "self", "summary" : "WID-SEC-2024-0926 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0926" }, { "category" : "external", "summary" : "OSS Mailing List vom 2024-04-17", "url" : "https://seclists.org/oss-sec/2024/q2/137" }, { "category" : "external", "summary" : "GitHub Advisory Database", "url" : "https://github.com/advisories/GHSA-22q4-f5r6-3xqw" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-2024-9BE1B94714 vom 2024-04-18", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-2024-9be1b94714" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-2024-F7AE5DF88D vom 2024-04-18", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-2024-f7ae5df88d" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-6737-1 vom 2024-04-18", "url" : "https://ubuntu.com/security/notices/USN-6737-1" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2024:1375-1 vom 2024-04-22", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018396.html" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-6737-2 vom 2024-04-29", "url" : "https://ubuntu.com/security/notices/USN-6737-2" }, { "category" : "external", "summary" : "Ubuntu Security Notice USN-6762-1 vom 2024-05-02", "url" : "https://ubuntu.com/security/notices/USN-6762-1" }, { "category" : "external", "summary" : "Debian Security Advisory DLA-3807 vom 2024-05-04", "url" : "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html" }, { "category" : "external", "summary" : "Gentoo Linux Security Advisory GLSA-202405-17 vom 2024-05-06", "url" : "https://security.gentoo.org/glsa/202405-17" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:2722 vom 2024-05-07", "url" : "https://access.redhat.com/errata/RHSA-2024:2722" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:2799 vom 2024-05-09", "url" : "https://access.redhat.com/errata/RHSA-2024:2799" }, { "category" : "external", "summary" : "Rocky Linux Security Advisory RLSA-2024:2722 vom 2024-05-09", "url" : "https://errata.build.resf.org/RLSA-2024:2722" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-2722 vom 2024-05-09", "url" : "https://linux.oracle.com/errata/ELSA-2024-2722.html" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2024:1675-1 vom 2024-05-17", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018540.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:2941 vom 2024-05-21", "url" : "https://access.redhat.com/errata/RHSA-2024:2941" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2024:1728-1 vom 2024-05-21", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018578.html" }, { "category" : "external", "summary" : "IBM Security Bulletin 7154630 vom 2024-05-22", "url" : "https://www.ibm.com/support/pages/node/7154630" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3269 vom 2024-05-22", "url" : "https://access.redhat.com/errata/RHSA-2024:3269" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3312 vom 2024-05-23", "url" : "https://access.redhat.com/errata/RHSA-2024:3312" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3309 vom 2024-05-23", "url" : "https://access.redhat.com/errata/RHSA-2024:3309" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3339 vom 2024-05-23", "url" : "https://access.redhat.com/errata/RHSA-2024:3339" }, { "category" : "external", "summary" : "GitHub Repository ambionics / cnext-exploits vom 2024-05-27", "url" : "https://github.com/ambionics/cnext-exploits/" }, { "category" : "external", "summary" : "Red Hat CVE-2024-2961 analysis", "url" : "https://access.redhat.com/security/cve/cve-2024-2961" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2024:1805-1 vom 2024-05-28", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018610.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3411 vom 2024-05-28", "url" : "https://access.redhat.com/errata/RHSA-2024:3411" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3423 vom 2024-05-28", "url" : "https://access.redhat.com/errata/RHSA-2024:3423" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3464 vom 2024-05-29", "url" : "https://access.redhat.com/errata/RHSA-2024:3464" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-3339 vom 2024-05-30", "url" : "http://linux.oracle.com/errata/ELSA-2024-3339.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-3269 vom 2024-05-30", "url" : "http://linux.oracle.com/errata/ELSA-2024-3269.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:3588 vom 2024-06-04", "url" : "https://access.redhat.com/errata/RHSA-2024:3588" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-3588 vom 2024-06-06", "url" : "https://linux.oracle.com/errata/ELSA-2024-3588.html" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2024:1977-1 vom 2024-06-11", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018687.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-12440 vom 2024-06-18", "url" : "https://linux.oracle.com/errata/ELSA-2024-12440.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-12442 vom 2024-06-18", "url" : "https://linux.oracle.com/errata/ELSA-2024-12442.html" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-12444 vom 2024-06-19", "url" : "https://linux.oracle.com/errata/ELSA-2024-12444.html" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:4126 vom 2024-06-26", "url" : "https://access.redhat.com/errata/RHSA-2024:4126" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS-2024-1930 vom 2024-06-28", "url" : "https://alas.aws.amazon.com/ALAS-2024-1930.html" }, { "category" : "external", "summary" : "Amazon Linux Security Advisory ALAS-2024-2521 vom 2024-06-28", "url" : "https://alas.aws.amazon.com/AL2/ALAS-2024-2521.html" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2024-022 vom 2024-07-03", "url" : "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities" }, { "category" : "external", "summary" : "Oracle Linux Security Advisory ELSA-2024-12472 vom 2024-07-03", "url" : "https://linux.oracle.com/errata/ELSA-2024-12472.html" }, { "category" : "external", "summary" : "IBM Security Bulletin 7160134 vom 2024-07-12", "url" : "https://www.ibm.com/support/pages/node/7160134" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18", "url" : "https://access.redhat.com/errata/RHSA-2024:4631" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2024-348 vom 2024-08-06", "url" : "https://www.dell.com/support/kbdoc/de-de/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities" }, { "category" : "external", "summary" : "IBM Security Bulletin 7165265 vom 2024-08-12", "url" : "https://www.ibm.com/support/pages/node/7165265" }, { "category" : "external", "summary" : "IBM Security Bulletin 7167111 vom 2024-09-03", "url" : "https://www.ibm.com/support/pages/node/7167111" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:7590 vom 2024-10-09", "url" : "https://access.redhat.com/errata/RHSA-2024:7590" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:7599 vom 2024-10-09", "url" : "https://access.redhat.com/errata/RHSA-2024:7599" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:7594 vom 2024-10-09", "url" : "https://access.redhat.com/errata/RHSA-2024:7594" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2024-422 vom 2024-10-10", "url" : "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:7939 vom 2024-10-16", "url" : "https://access.redhat.com/errata/RHSA-2024:7939" }, { "category" : "external", "summary" : "Red Hat Security Advisory RHSA-2024:8235 vom 2024-10-23", "url" : "https://access.redhat.com/errata/RHSA-2024:8235" }, { "category" : "external", "summary" : "IBM Security Bulletin", "url" : "https://www.ibm.com/support/pages/node/7174634" }, { "category" : "external", "summary" : "IBM Security Bulletin 7174729 vom 2024-11-04", "url" : "https://www.ibm.com/support/pages/node/7174729" }, { "category" : "external", "summary" : "phpMyAdmin Security Advisory PMASA-2025-3 vom 2025-01-21", "url" : "https://www.phpmyadmin.net/security/PMASA-2025-3/" }, { "category" : "external", "summary" : "Brocade Security Advisory BSA-2025-2895 vom 2025-02-13", "url" : "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25398" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2025-146 vom 2025-04-08", "url" : "https://www.dell.com/support/kbdoc/en-us/000299628/dsa-2025-146-security-update-for-dell-idrac9-vulnerabilities" }, { "category" : "external", "summary" : "SUSE Security Update SUSE-SU-2025:20038-1 vom 2025-06-04", "url" : "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021353.html" }, { "category" : "external", "summary" : "Siemens Security Advisory SSA-082556 vom 2025-06-10", "url" : "https://cert-portal.siemens.com/productcert/html/ssa-082556.html" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2025-339 vom 2025-09-01", "url" : "https://www.dell.com/support/kbdoc/de-de/000362542/dsa-2025-339-security-update-for-dell-avamar-data-store-gen5a-multiple-third-party-component-vulnerabilities" }, { "category" : "external", "summary" : "Dell Security Advisory DSA-2025-166 vom 2025-10-14", "url" : "https://www.dell.com/support/kbdoc/de-de/000363693/dsa-2025-166-security-update-for-dell-powerscale-onefs-multiple-third-party-component-vulnerabilities" } ], "source_lang" : "en-US", "title" : "GNU libc: Schwachstelle ermöglicht Codeausführung", "tracking" : { "current_release_date" : "2025-10-13T22:00:00.000+00:00", "generator" : { "date" : "2025-10-14T09:19:50.759+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.4.0" } }, "id" : "WID-SEC-W-2024-0926", "initial_release_date" : "2024-04-17T22:00:00.000+00:00", "revision_history" : [ { "date" : "2024-04-17T22:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" }, { "date" : "2024-04-18T22:00:00.000+00:00", "number" : "2", "summary" : "Neue Updates von Ubuntu aufgenommen" }, { "date" : "2024-04-22T22:00:00.000+00:00", "number" : "3", "summary" : "Neue Updates von SUSE aufgenommen" }, { "date" : "2024-04-29T22:00:00.000+00:00", "number" : "4", "summary" : "Neue Updates von Ubuntu aufgenommen" }, { "date" : "2024-05-02T22:00:00.000+00:00", "number" : "5", "summary" : "Neue Updates von Ubuntu aufgenommen" }, { "date" : "2024-05-05T22:00:00.000+00:00", "number" : "6", "summary" : "Neue Updates von Debian aufgenommen" }, { "date" : "2024-05-06T22:00:00.000+00:00", "number" : "7", "summary" : "Neue Updates von Gentoo aufgenommen" }, { "date" : "2024-05-09T22:00:00.000+00:00", "number" : "8", "summary" : "Neue Updates von Red Hat, Rocky Enterprise Software Foundation und Oracle Linux aufgenommen" }, { "date" : "2024-05-16T22:00:00.000+00:00", "number" : "9", "summary" : "Neue Updates von SUSE aufgenommen" }, { "date" : "2024-05-20T22:00:00.000+00:00", "number" : "10", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-05-21T22:00:00.000+00:00", "number" : "11", "summary" : "Neue Updates von SUSE aufgenommen" }, { "date" : "2024-05-22T22:00:00.000+00:00", "number" : "12", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-05-23T22:00:00.000+00:00", "number" : "13", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-05-27T22:00:00.000+00:00", "number" : "14", "summary" : "PoC aufgenommen, Auswirkungen ergänzt." }, { "date" : "2024-05-28T22:00:00.000+00:00", "number" : "15", "summary" : "Neue Updates von SUSE und Red Hat aufgenommen" }, { "date" : "2024-05-30T22:00:00.000+00:00", "number" : "16", "summary" : "Neue Updates von Oracle Linux aufgenommen" }, { "date" : "2024-06-04T22:00:00.000+00:00", "number" : "17", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-06-05T22:00:00.000+00:00", "number" : "18", "summary" : "Neue Updates von Oracle Linux aufgenommen" }, { "date" : "2024-06-10T22:00:00.000+00:00", "number" : "19", "summary" : "Neue Updates von SUSE aufgenommen" }, { "date" : "2024-06-17T22:00:00.000+00:00", "number" : "20", "summary" : "Neue Updates von Oracle Linux aufgenommen" }, { "date" : "2024-06-18T22:00:00.000+00:00", "number" : "21", "summary" : "Neue Updates von Oracle Linux aufgenommen" }, { "date" : "2024-06-26T22:00:00.000+00:00", "number" : "22", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-06-30T22:00:00.000+00:00", "number" : "23", "summary" : "Neue Updates von Amazon aufgenommen" }, { "date" : "2024-07-02T22:00:00.000+00:00", "number" : "24", "summary" : "Neue Updates von Dell aufgenommen" }, { "date" : "2024-07-03T22:00:00.000+00:00", "number" : "25", "summary" : "Neue Updates von Oracle Linux aufgenommen" }, { "date" : "2024-07-11T22:00:00.000+00:00", "number" : "26", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2024-07-18T22:00:00.000+00:00", "number" : "27", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-08-05T22:00:00.000+00:00", "number" : "28", "summary" : "Neue Updates von Dell aufgenommen" }, { "date" : "2024-08-11T22:00:00.000+00:00", "number" : "29", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2024-09-03T22:00:00.000+00:00", "number" : "30", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2024-10-08T22:00:00.000+00:00", "number" : "31", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-10-09T22:00:00.000+00:00", "number" : "32", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-10-16T22:00:00.000+00:00", "number" : "33", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-10-23T22:00:00.000+00:00", "number" : "34", "summary" : "Neue Updates von Red Hat aufgenommen" }, { "date" : "2024-10-31T23:00:00.000+00:00", "number" : "35", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2024-11-04T23:00:00.000+00:00", "number" : "36", "summary" : "Neue Updates von IBM aufgenommen" }, { "date" : "2025-01-21T23:00:00.000+00:00", "number" : "37", "summary" : "Neue Updates von phpMyAdmin aufgenommen" }, { "date" : "2025-02-13T23:00:00.000+00:00", "number" : "38", "summary" : "Neue Updates von BROCADE aufgenommen" }, { "date" : "2025-04-08T22:00:00.000+00:00", "number" : "39", "summary" : "Neue Updates von Dell aufgenommen" }, { "date" : "2025-06-04T22:00:00.000+00:00", "number" : "40", "summary" : "Neue Updates von SUSE aufgenommen" }, { "date" : "2025-06-10T22:00:00.000+00:00", "number" : "41", "summary" : "Neue Updates von Siemens aufgenommen" }, { "date" : "2025-08-31T22:00:00.000+00:00", "number" : "42", "summary" : "Neue Updates von Dell aufgenommen" }, { "date" : "2025-10-13T22:00:00.000+00:00", "number" : "43", "summary" : "Neue Updates von Dell aufgenommen" } ], "status" : "final", "version" : "43" } }, "product_tree" : { "branches" : [ { "branches" : [ { "category" : "product_name", "name" : "Amazon Linux 2", "product" : { "name" : "Amazon Linux 2", "product_id" : "398363", "product_identification_helper" : { "cpe" : "cpe:/o:amazon:linux_2:-" } } } ], "category" : "vendor", "name" : "Amazon" }, { "branches" : [ { "category" : "product_name", "name" : "Broadcom Brocade SANnav", "product" : { "name" : "Broadcom Brocade SANnav", "product_id" : "T034392", "product_identification_helper" : { "cpe" : "cpe:/a:broadcom:brocade_sannav:-" } } } ], "category" : "vendor", "name" : "Broadcom" }, { "branches" : [ { "category" : "product_name", "name" : "Debian Linux", "product" : { "name" : "Debian Linux", "product_id" : "2951", "product_identification_helper" : { "cpe" : "cpe:/o:debian:debian_linux:-" } } } ], "category" : "vendor", "name" : "Debian" }, { "branches" : [ { "category" : "product_name", "name" : "Dell Avamar", "product" : { "name" : "Dell Avamar", "product_id" : "T039664", "product_identification_helper" : { "cpe" : "cpe:/a:dell:avamar:-" } } }, { "branches" : [ { "category" : "product_name", "name" : "Dell NetWorker", "product" : { "name" : "Dell NetWorker", "product_id" : "T024663", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:-" } } }, { "category" : "product_version_range", "name" : "<19.11", "product" : { "name" : "Dell NetWorker <19.11", "product_id" : "T035785" } }, { "category" : "product_version", "name" : "19.11", "product" : { "name" : "Dell NetWorker 19.11", "product_id" : "T035785-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:dell:networker:19.11" } } } ], "category" : "product_name", "name" : "NetWorker" }, { "branches" : [ { "category" : "product_version", "name" : "OneFS", "product" : { "name" : "Dell PowerScale OneFS", "product_id" : "T034610", "product_identification_helper" : { "cpe" : "cpe:/a:dell:powerscale_onefs:onefs" } } } ], "category" : "product_name", "name" : "PowerScale" }, { "branches" : [ { "category" : "product_version_range", "name" : "<7.00.00.181", "product" : { "name" : "Dell integrated Dell Remote Access Controller <7.00.00.181", "product_id" : "T042656" } }, { "category" : "product_version", "name" : "7.00.00.181", "product" : { "name" : "Dell integrated Dell Remote Access Controller 7.00.00.181", "product_id" : "T042656-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:dell:idrac:7.00.00.181" } } }, { "category" : "product_version_range", "name" : "<7.20.30.50", "product" : { "name" : "Dell integrated Dell Remote Access Controller <7.20.30.50", "product_id" : "T042657" } }, { "category" : "product_version", "name" : "7.20.30.50", "product" : { "name" : "Dell integrated Dell Remote Access Controller 7.20.30.50", "product_id" : "T042657-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:dell:idrac:7.20.30.50" } } } ], "category" : "product_name", "name" : "integrated Dell Remote Access Controller" } ], "category" : "vendor", "name" : "Dell" }, { "branches" : [ { "category" : "product_name", "name" : "EMC Avamar", "product" : { "name" : "EMC Avamar", "product_id" : "T014381", "product_identification_helper" : { "cpe" : "cpe:/a:emc:avamar:-" } } } ], "category" : "vendor", "name" : "EMC" }, { "branches" : [ { "category" : "product_name", "name" : "Fedora Linux", "product" : { "name" : "Fedora Linux", "product_id" : "74185", "product_identification_helper" : { "cpe" : "cpe:/o:fedoraproject:fedora:-" } } } ], "category" : "vendor", "name" : "Fedora" }, { "branches" : [ { "category" : "product_name", "name" : "Gentoo Linux", "product" : { "name" : "Gentoo Linux", "product_id" : "T012167", "product_identification_helper" : { "cpe" : "cpe:/o:gentoo:linux:-" } } } ], "category" : "vendor", "name" : "Gentoo" }, { "branches" : [ { "category" : "product_name", "name" : "IBM App Connect Enterprise", "product" : { "name" : "IBM App Connect Enterprise", "product_id" : "T032495", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:app_connect_enterprise:-" } } }, { "category" : "product_name", "name" : "IBM DataPower Gateway", "product" : { "name" : "IBM DataPower Gateway", "product_id" : "393635", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:datapower_gateway:-" } } }, { "branches" : [ { "category" : "product_version_range", "name" : "Operator <3.1.3", "product" : { "name" : "IBM MQ Operator <3.1.3", "product_id" : "T034999" } }, { "category" : "product_version", "name" : "Operator 3.1.3", "product" : { "name" : "IBM MQ Operator 3.1.3", "product_id" : "T034999-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:mq:operator__3.1.3" } } }, { "category" : "product_version_range", "name" : "Operator <2.0.22 LTS", "product" : { "name" : "IBM MQ Operator <2.0.22 LTS", "product_id" : "T035000" } }, { "category" : "product_version", "name" : "Operator 2.0.22 LTS", "product" : { "name" : "IBM MQ Operator 2.0.22 LTS", "product_id" : "T035000-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:mq:operator__2.0.22_lts" } } } ], "category" : "product_name", "name" : "MQ" }, { "branches" : [ { "category" : "product_version_range", "name" : "<7.5.0 UP9", "product" : { "name" : "IBM QRadar SIEM <7.5.0 UP9", "product_id" : "T036127" } }, { "category" : "product_version", "name" : "7.5.0 UP9", "product" : { "name" : "IBM QRadar SIEM 7.5.0 UP9", "product_id" : "T036127-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:qradar_siem:7.5.0_up9" } } }, { "category" : "product_version_range", "name" : "<7.5.0 UP10 IF01", "product" : { "name" : "IBM QRadar SIEM <7.5.0 UP10 IF01", "product_id" : "T038741" } }, { "category" : "product_version", "name" : "7.5.0 UP10 IF01", "product" : { "name" : "IBM QRadar SIEM 7.5.0 UP10 IF01", "product_id" : "T038741-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01" } } } ], "category" : "product_name", "name" : "QRadar SIEM" }, { "category" : "product_name", "name" : "IBM Security Guardium", "product" : { "name" : "IBM Security Guardium", "product_id" : "T021345", "product_identification_helper" : { "cpe" : "cpe:/a:ibm:security_guardium:-" } } } ], "category" : "vendor", "name" : "IBM" }, { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : ">=2.39", "product" : { "name" : "Open Source GNU libc >=2.39", "product_id" : "T034296" } }, { "category" : "product_version_range", "name" : ">=2.39", "product" : { "name" : "Open Source GNU libc >=2.39", "product_id" : "T034296-fixed" } } ], "category" : "product_name", "name" : "GNU libc" }, { "branches" : [ { "category" : "product_version_range", "name" : "<5.2.2", "product" : { "name" : "Open Source phpMyAdmin <5.2.2", "product_id" : "T040507" } }, { "category" : "product_version", "name" : "5.2.2", "product" : { "name" : "Open Source phpMyAdmin 5.2.2", "product_id" : "T040507-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:phpmyadmin:phpmyadmin:5.2.2" } } } ], "category" : "product_name", "name" : "phpMyAdmin" } ], "category" : "vendor", "name" : "Open Source" }, { "branches" : [ { "category" : "product_name", "name" : "Oracle Linux", "product" : { "name" : "Oracle Linux", "product_id" : "T004914", "product_identification_helper" : { "cpe" : "cpe:/o:oracle:linux:-" } } } ], "category" : "vendor", "name" : "Oracle" }, { "branches" : [ { "category" : "product_name", "name" : "RESF Rocky Linux", "product" : { "name" : "RESF Rocky Linux", "product_id" : "T032255", "product_identification_helper" : { "cpe" : "cpe:/o:resf:rocky_linux:-" } } } ], "category" : "vendor", "name" : "RESF" }, { "branches" : [ { "branches" : [ { "category" : "product_name", "name" : "Red Hat Enterprise Linux", "product" : { "name" : "Red Hat Enterprise Linux", "product_id" : "67646", "product_identification_helper" : { "cpe" : "cpe:/o:redhat:enterprise_linux:-" } } }, { "category" : "product_version", "name" : "Advanced Cluster Security for Kubernetes 4", "product" : { "name" : "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4", "product_id" : "T027916", "product_identification_helper" : { "cpe" : "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4" } } } ], "category" : "product_name", "name" : "Enterprise Linux" }, { "branches" : [ { "category" : "product_version", "name" : "Container Platform", "product" : { "name" : "Red Hat OpenShift Container Platform", "product_id" : "T025202", "product_identification_helper" : { "cpe" : "cpe:/a:redhat:openshift:container_platform" } } }, { "category" : "product_version_range", "name" : "Container Platform <4.12.67", "product" : { "name" : "Red Hat OpenShift Container Platform <4.12.67", "product_id" : "T038079" } }, { "category" : "product_version", "name" : "Container Platform 4.12.67", "product" : { "name" : "Red Hat OpenShift Container Platform 4.12.67", "product_id" : "T038079-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:redhat:openshift:container_platform__4.12.67" } } } ], "category" : "product_name", "name" : "OpenShift" } ], "category" : "vendor", "name" : "Red Hat" }, { "branches" : [ { "category" : "product_name", "name" : "SUSE Linux", "product" : { "name" : "SUSE Linux", "product_id" : "T002207", "product_identification_helper" : { "cpe" : "cpe:/o:suse:suse_linux:-" } } } ], "category" : "vendor", "name" : "SUSE" }, { "branches" : [ { "branches" : [ { "category" : "product_version", "name" : "1500 CPU", "product" : { "name" : "Siemens SIMATIC S7 1500 CPU", "product_id" : "T025776", "product_identification_helper" : { "cpe" : "cpe:/h:siemens:simatic_s7:1500_cpu" } } } ], "category" : "product_name", "name" : "SIMATIC S7" } ], "category" : "vendor", "name" : "Siemens" }, { "branches" : [ { "category" : "product_name", "name" : "Ubuntu Linux", "product" : { "name" : "Ubuntu Linux", "product_id" : "T000126", "product_identification_helper" : { "cpe" : "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category" : "vendor", "name" : "Ubuntu" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2024-2961", "product_status" : { "known_affected" : [ "T040507", "67646", "T036127", "T004914", "T038741", "T027916", "T042656", "T042657", "T024663", "398363", "T025776", "T034610", "T034999", "393635", "T035000", "T012167", "T032255", "T035785", "T038079", "74185", "T032495", "T039664", "T021345", "T014381", "2951", "T002207", "T034392", "T000126", "T025202" ] }, "release_date" : "2024-04-17T22:00:00.000+00:00", "title" : "CVE-2024-2961" } ] }