RLSA-2024:10384
Important: tuned security update
Topic
An update is available for tuned.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Description
The tuned packages provide a service that tunes system settings according to a selected profile.
Security Fix(es):
* tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root (CVE-2024-52336)
* tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method (CVE-2024-52337)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Rocky Linux 9
SRPMs
- tuned-0:2.24.0-2.el9_5.src.rpm
RPMs
- tuned-utils-0:2.24.0-2.el9_5.noarch.rpm
- tuned-0:2.24.0-2.el9_5.noarch.rpm
- tuned-gtk-0:2.24.0-2.el9_5.noarch.rpm
- tuned-ppd-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-atomic-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-cpu-partitioning-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-mssql-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-nfv-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-nfv-guest-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-nfv-host-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-oracle-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-postgresql-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-realtime-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-sap-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-sap-hana-0:2.24.0-2.el9_5.noarch.rpm
- tuned-profiles-spectrumscale-0:2.24.0-2.el9_5.noarch.rpm
Issued: 3/17/2025
Type: Security
Severity: Important
Affected Product
- Rocky Linux 9
References
- No references