{"type":"TYPE_SECURITY","shortCode":"RL","name":"RLSA-2024:6726","synopsis":"Important: fence-agents security update","severity":"SEVERITY_IMPORTANT","topic":"An update is available for fence-agents.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list","description":"The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. \n\nSecurity Fix(es):\n\n* pypa\/setuptools: Remote code execution via download functions in the package_index module in pypa\/setuptools (CVE-2024-6345)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","solution":null,"affectedProducts":["Rocky Linux 9"],"fixes":[{"ticket":"2297771","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2297771","description":""}],"cves":[{"name":"CVE-2024-6345","sourceBy":"MITRE","sourceLink":"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-6345","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-94"}],"references":[],"publishedAt":"2024-09-30T14:31:43.994145Z","rpms":{"Rocky Linux 9":{"nvras":["fence-agents-0:4.10.0-62.el9_4.5.src.rpm","fence-agents-aliyun-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-all-0:4.10.0-62.el9_4.5.aarch64.rpm","fence-agents-all-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-all-0:4.10.0-62.el9_4.5.s390x.rpm","fence-agents-all-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-amt-ws-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-apc-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-apc-snmp-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-aws-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-azure-arm-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-bladecenter-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-brocade-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-cisco-mds-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-cisco-ucs-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-common-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-compute-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-compute-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-drac5-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-eaton-snmp-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-emerson-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-eps-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-gce-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-heuristics-ping-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-hpblade-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ibmblade-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ibm-powervs-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ibm-vpc-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ifmib-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ilo2-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ilo-moonshot-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ilo-mp-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ilo-ssh-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-intelmodular-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ipdu-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-ipmilan-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-kdump-0:4.10.0-62.el9_4.5.aarch64.rpm","fence-agents-kdump-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-kdump-0:4.10.0-62.el9_4.5.s390x.rpm","fence-agents-kdump-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.aarch64.rpm","fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.s390x.rpm","fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-kubevirt-0:4.10.0-62.el9_4.5.aarch64.rpm","fence-agents-kubevirt-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-kubevirt-0:4.10.0-62.el9_4.5.s390x.rpm","fence-agents-kubevirt-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.aarch64.rpm","fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.s390x.rpm","fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-lpar-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-mpath-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-openstack-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-openstack-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-redfish-0:4.10.0-62.el9_4.5.aarch64.rpm","fence-agents-redfish-0:4.10.0-62.el9_4.5.ppc64le.rpm","fence-agents-redfish-0:4.10.0-62.el9_4.5.s390x.rpm","fence-agents-redfish-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-agents-rhevm-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-rsa-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-rsb-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-sbd-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-scsi-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-virsh-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-vmware-rest-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-vmware-soap-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-wti-0:4.10.0-62.el9_4.5.noarch.rpm","fence-agents-zvm-0:4.10.0-62.el9_4.5.s390x.rpm","fence-virt-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-cpg-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-cpg-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virt-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-libvirt-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-libvirt-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-multicast-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-multicast-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-serial-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-serial-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-tcp-0:4.10.0-62.el9_4.5.x86_64.rpm","fence-virtd-tcp-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm","ha-cloud-support-0:4.10.0-62.el9_4.5.x86_64.rpm","ha-cloud-support-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm"]}},"rebootSuggested":false,"buildReferences":[]}

Rocky Linux: RLSA-2024:6726 fence-agents security update Security Advisories Updates

September 30, 2024
An update is available for fence-agents. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Summary

An update is available for fence-agents. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): * pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

RPMs

fence-agents-0:4.10.0-62.el9_4.5.src.rpm

fence-agents-aliyun-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-all-0:4.10.0-62.el9_4.5.aarch64.rpm

fence-agents-all-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-all-0:4.10.0-62.el9_4.5.s390x.rpm

fence-agents-all-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-amt-ws-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-apc-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-apc-snmp-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-aws-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-azure-arm-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-bladecenter-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-brocade-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-cisco-mds-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-cisco-ucs-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-common-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-compute-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-compute-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-drac5-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-eaton-snmp-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-emerson-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-eps-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-gce-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-heuristics-ping-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-hpblade-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ibmblade-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ibm-powervs-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ibm-vpc-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ifmib-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ilo2-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ilo-moonshot-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ilo-mp-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ilo-ssh-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-intelmodular-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ipdu-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-ipmilan-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-kdump-0:4.10.0-62.el9_4.5.aarch64.rpm

fence-agents-kdump-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-kdump-0:4.10.0-62.el9_4.5.s390x.rpm

fence-agents-kdump-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.aarch64.rpm

fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.s390x.rpm

fence-agents-kdump-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-kubevirt-0:4.10.0-62.el9_4.5.aarch64.rpm

fence-agents-kubevirt-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-kubevirt-0:4.10.0-62.el9_4.5.s390x.rpm

fence-agents-kubevirt-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.aarch64.rpm

fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.s390x.rpm

fence-agents-kubevirt-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-lpar-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-mpath-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-openstack-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-openstack-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-redfish-0:4.10.0-62.el9_4.5.aarch64.rpm

fence-agents-redfish-0:4.10.0-62.el9_4.5.ppc64le.rpm

fence-agents-redfish-0:4.10.0-62.el9_4.5.s390x.rpm

fence-agents-redfish-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-agents-rhevm-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-rsa-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-rsb-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-sbd-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-scsi-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-virsh-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-vmware-rest-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-vmware-soap-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-wti-0:4.10.0-62.el9_4.5.noarch.rpm

fence-agents-zvm-0:4.10.0-62.el9_4.5.s390x.rpm

fence-virt-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-cpg-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-cpg-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virt-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-libvirt-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-libvirt-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-multicast-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-multicast-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-serial-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-serial-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-tcp-0:4.10.0-62.el9_4.5.x86_64.rpm

fence-virtd-tcp-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

ha-cloud-support-0:4.10.0-62.el9_4.5.x86_64.rpm

ha-cloud-support-debuginfo-0:4.10.0-62.el9_4.5.x86_64.rpm

References

No References

CVEs

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345

Severity
Name: RLSA-2024:6726
Affected Products: Rocky Linux 9

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2297771


Related News

Google Releases Chrome 130 with Critical Security Fixes for 17 Flaws
3 - 5 min read
Google recently unveiled Chrome 130 , an update that addresses several security vulnerabilities to ensure the web browser's safety and reliability.
U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors
3 - 5 min read
U.S. authorities are on high alert as they investigate an alleged Chinese state-sponsored hack targeting major U.S. telecommunications companies.
FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems
3 - 5 min read
As malware threats evolve to increasingly target Linux systems, admins and organizations must stay up-to-date on the latest Linux malware variants
Optimizing CWPP on Linux Servers: Best Practices and Configurations
3 - 6 min read
Cloud Workload Protection Platforms are now essential for securing virtual environments. These provide a robust security layer vital for addressing
The Infiltration of Supply Chain Attacks in Open-Source Software Management
3 - 6 min read
Open-source projects are renowned for their collaborative nature and widespread adoption, yet more sophisticated supply chain attacks target them
Strengthen Your Linux Software Development Pipeline with Code Security Scanners
3 - 6 min read
Developers recognize the critical nature of protecting software systems as cyberattacks grow more sophisticated, thus necessitating robust security
Everything You Need to Know About Cloud Security Posture Management
3 - 5 min read
Many companies are transitioning from physical servers to cloud operations, but this transformation brings new challenges. Cloud Security Posture
Understanding the Critical Oath-Toolkit Vulnerability and Its Implications for Admins
3 - 5 min read
As Linux security threats advance and evolve, vulnerabilities often surface unexpectedly, exposing systems to potential exploitation. SUSE

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved