The German Federal Office for Information Security (BSI) has released an update for a Linux Kernel vulnerability with multiple weaknesses. The vulnerability affects the Linux operating system and various products, including Amazon Linux 2, Red Hat Enterprise Linux, Ubuntu Linux, SUSE Linux, Oracle Linux, EMC Avamar, IGEL OS, IBM Security Guardium, RESF Rocky Linux, Open Source Linux Kernel, SolarWinds Security Event Manager, Dell NetWorker, IBM Business Automation Workflow, and IBM Spectrum Protect Plus.
The Common Vulnerability Scoring System (CVSS) assigns a Base Score of 6.6, classifying the vulnerability as "medium" severity. A local attacker could exploit multiple vulnerabilities in the Linux Kernel to carry out unspecified attacks.
The vulnerabilities have been classified using the CVE (Common Vulnerabilities and Exposures) system with the following serial numbers: CVE-2024-26582, CVE-2024-26583, CVE-2024-26584, and CVE-2024-26585.