Tuned Security Update Advisory (CVE-2024-52336)

Dec 04 2024

Overview

An update has been released to address vulnerabilities in Tuned. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-52336

Tuned version: 2.23.0 (inclusive) ~ 2.24.1 (excluded)

Resolved Vulnerabilities

Vulnerability in the instance_create() D-Bus function in the script path, which allows local users to execute arbitrary scripts with root privileges without authentication (CVE-2024-52336)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-52336

Tuned version: 2.24.1

Referenced Sites

[1] CVE-2024-52336 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-52336

[2] Tuned/openwall

https://www.openwall.com/lists/oss-security/2024/11/28/1

Tuned Security Update Advisory (CVE-2024-52336)

Billion Electric Router Security Update Advisory (CVE-2024-11980)

IBM Product Security Update Advisory

Tags:

Billion Electric Router Security Update Advisory (CVE-2024-11980)

IBM Product Security Update Advisory