ALSA-2024:10384

See a problem?
Please try reporting it to the source first.
Source
https://errata.almalinux.org/9/ALSA-2024-10384.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:10384.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2024:10384
Related
Published
2024-11-26T00:00:00Z
Modified
2024-12-02T10:37:46Z
Summary
Important: tuned security update
Details

The tuned packages provide a service that tunes system settings according to a selected profile.

Security Fix(es):

  • tuned: script_pre and script_post options allow to pass arbitrary scripts executed by root (CVE-2024-52336)
  • tuned: improper sanitization of instance_name parameter of the instance_create() method (CVE-2024-52337)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9 / tuned

Package

Name
tuned
Purl
pkg:rpm/almalinux/tuned

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-gtk

Package

Name
tuned-gtk
Purl
pkg:rpm/almalinux/tuned-gtk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-ppd

Package

Name
tuned-ppd
Purl
pkg:rpm/almalinux/tuned-ppd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-profiles-atomic

Package

Name
tuned-profiles-atomic
Purl
pkg:rpm/almalinux/tuned-profiles-atomic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-profiles-cpu-partitioning

Package

Name
tuned-profiles-cpu-partitioning
Purl
pkg:rpm/almalinux/tuned-profiles-cpu-partitioning

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-profiles-mssql

Package

Name
tuned-profiles-mssql
Purl
pkg:rpm/almalinux/tuned-profiles-mssql

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-profiles-oracle

Package

Name
tuned-profiles-oracle
Purl
pkg:rpm/almalinux/tuned-profiles-oracle

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-profiles-postgresql

Package

Name
tuned-profiles-postgresql
Purl
pkg:rpm/almalinux/tuned-profiles-postgresql

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-profiles-realtime

Package

Name
tuned-profiles-realtime
Purl
pkg:rpm/almalinux/tuned-profiles-realtime

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-profiles-spectrumscale

Package

Name
tuned-profiles-spectrumscale
Purl
pkg:rpm/almalinux/tuned-profiles-spectrumscale

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1

AlmaLinux:9 / tuned-utils

Package

Name
tuned-utils
Purl
pkg:rpm/almalinux/tuned-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24.0-2.el9_5.alma.1