Red Hat Product Errata RHSA-2024:3513 - Security Advisory
Issued:
2024-05-30
Updated:
2024-05-30

RHSA-2024:3513 - Security Advisory

Synopsis

Important: less security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for less is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors.

Security Fix(es):

  • less: OS command injection (CVE-2024-32487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

Red Hat Enterprise Linux for x86_64 9

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
x86_64
less-590-4.el9_4.x86_64.rpm SHA-256: d2d0eef0c702b1e1f26b208ce62033c34f9e7c4776e1a7c83edd13b642cb0c6c
less-debuginfo-590-4.el9_4.x86_64.rpm SHA-256: f5e2d56b5969d216db473524e6bac908cf9d78fed79586f3168023f8abb8ef17
less-debugsource-590-4.el9_4.x86_64.rpm SHA-256: d198499e141d9d1dd6a1f1f1a2d9ab168e713fa77013487224b883cfe723ccf6

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
x86_64
less-590-4.el9_4.x86_64.rpm SHA-256: d2d0eef0c702b1e1f26b208ce62033c34f9e7c4776e1a7c83edd13b642cb0c6c
less-debuginfo-590-4.el9_4.x86_64.rpm SHA-256: f5e2d56b5969d216db473524e6bac908cf9d78fed79586f3168023f8abb8ef17
less-debugsource-590-4.el9_4.x86_64.rpm SHA-256: d198499e141d9d1dd6a1f1f1a2d9ab168e713fa77013487224b883cfe723ccf6

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
x86_64
less-590-4.el9_4.x86_64.rpm SHA-256: d2d0eef0c702b1e1f26b208ce62033c34f9e7c4776e1a7c83edd13b642cb0c6c
less-debuginfo-590-4.el9_4.x86_64.rpm SHA-256: f5e2d56b5969d216db473524e6bac908cf9d78fed79586f3168023f8abb8ef17
less-debugsource-590-4.el9_4.x86_64.rpm SHA-256: d198499e141d9d1dd6a1f1f1a2d9ab168e713fa77013487224b883cfe723ccf6

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
x86_64
less-590-4.el9_4.x86_64.rpm SHA-256: d2d0eef0c702b1e1f26b208ce62033c34f9e7c4776e1a7c83edd13b642cb0c6c
less-debuginfo-590-4.el9_4.x86_64.rpm SHA-256: f5e2d56b5969d216db473524e6bac908cf9d78fed79586f3168023f8abb8ef17
less-debugsource-590-4.el9_4.x86_64.rpm SHA-256: d198499e141d9d1dd6a1f1f1a2d9ab168e713fa77013487224b883cfe723ccf6

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
x86_64
less-590-4.el9_4.x86_64.rpm SHA-256: d2d0eef0c702b1e1f26b208ce62033c34f9e7c4776e1a7c83edd13b642cb0c6c
less-debuginfo-590-4.el9_4.x86_64.rpm SHA-256: f5e2d56b5969d216db473524e6bac908cf9d78fed79586f3168023f8abb8ef17
less-debugsource-590-4.el9_4.x86_64.rpm SHA-256: d198499e141d9d1dd6a1f1f1a2d9ab168e713fa77013487224b883cfe723ccf6

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
s390x
less-590-4.el9_4.s390x.rpm SHA-256: 9ebedd59cb44f6f6c697bbf9922ce8571649355f8608b302ed6a8a9492f6b465
less-debuginfo-590-4.el9_4.s390x.rpm SHA-256: 8bf078a1fad8d700b5bdf956462f4fe72f8d200ff957a6f21a74412f8f8af1b9
less-debugsource-590-4.el9_4.s390x.rpm SHA-256: b94211ca6b1751d739a49309c351e39aab55c0d49a6368c8bde1c6d405c40c84

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
s390x
less-590-4.el9_4.s390x.rpm SHA-256: 9ebedd59cb44f6f6c697bbf9922ce8571649355f8608b302ed6a8a9492f6b465
less-debuginfo-590-4.el9_4.s390x.rpm SHA-256: 8bf078a1fad8d700b5bdf956462f4fe72f8d200ff957a6f21a74412f8f8af1b9
less-debugsource-590-4.el9_4.s390x.rpm SHA-256: b94211ca6b1751d739a49309c351e39aab55c0d49a6368c8bde1c6d405c40c84

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
s390x
less-590-4.el9_4.s390x.rpm SHA-256: 9ebedd59cb44f6f6c697bbf9922ce8571649355f8608b302ed6a8a9492f6b465
less-debuginfo-590-4.el9_4.s390x.rpm SHA-256: 8bf078a1fad8d700b5bdf956462f4fe72f8d200ff957a6f21a74412f8f8af1b9
less-debugsource-590-4.el9_4.s390x.rpm SHA-256: b94211ca6b1751d739a49309c351e39aab55c0d49a6368c8bde1c6d405c40c84

Red Hat Enterprise Linux for Power, little endian 9

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
ppc64le
less-590-4.el9_4.ppc64le.rpm SHA-256: 204198f08333eba7d3d7480d0ace315ebcff66af2b88214b9dc8bf06d319a7b8
less-debuginfo-590-4.el9_4.ppc64le.rpm SHA-256: 7cce98503875990440338595736fa64fd7095259bed6636f3bdbfcd7a6ab5906
less-debugsource-590-4.el9_4.ppc64le.rpm SHA-256: d9de6b2cea8b2a5c7f48b5e76092175065b69f85b0ba92bfba9347476a3760c7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
ppc64le
less-590-4.el9_4.ppc64le.rpm SHA-256: 204198f08333eba7d3d7480d0ace315ebcff66af2b88214b9dc8bf06d319a7b8
less-debuginfo-590-4.el9_4.ppc64le.rpm SHA-256: 7cce98503875990440338595736fa64fd7095259bed6636f3bdbfcd7a6ab5906
less-debugsource-590-4.el9_4.ppc64le.rpm SHA-256: d9de6b2cea8b2a5c7f48b5e76092175065b69f85b0ba92bfba9347476a3760c7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
ppc64le
less-590-4.el9_4.ppc64le.rpm SHA-256: 204198f08333eba7d3d7480d0ace315ebcff66af2b88214b9dc8bf06d319a7b8
less-debuginfo-590-4.el9_4.ppc64le.rpm SHA-256: 7cce98503875990440338595736fa64fd7095259bed6636f3bdbfcd7a6ab5906
less-debugsource-590-4.el9_4.ppc64le.rpm SHA-256: d9de6b2cea8b2a5c7f48b5e76092175065b69f85b0ba92bfba9347476a3760c7

Red Hat Enterprise Linux for ARM 64 9

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
aarch64
less-590-4.el9_4.aarch64.rpm SHA-256: a32ed746611b866e6c26d64b9b39366bba5af99f07c808283292231ae6bcb149
less-debuginfo-590-4.el9_4.aarch64.rpm SHA-256: d1c1899dcefebbd0a4ae9d620f8541ec4aebf3910fb880c0ab51883fc45eb421
less-debugsource-590-4.el9_4.aarch64.rpm SHA-256: 404455c718230f0a8d35c80a3b11a9b0df0b18305b05eb7b965c6c0a581e7b7b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
aarch64
less-590-4.el9_4.aarch64.rpm SHA-256: a32ed746611b866e6c26d64b9b39366bba5af99f07c808283292231ae6bcb149
less-debuginfo-590-4.el9_4.aarch64.rpm SHA-256: d1c1899dcefebbd0a4ae9d620f8541ec4aebf3910fb880c0ab51883fc45eb421
less-debugsource-590-4.el9_4.aarch64.rpm SHA-256: 404455c718230f0a8d35c80a3b11a9b0df0b18305b05eb7b965c6c0a581e7b7b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
aarch64
less-590-4.el9_4.aarch64.rpm SHA-256: a32ed746611b866e6c26d64b9b39366bba5af99f07c808283292231ae6bcb149
less-debuginfo-590-4.el9_4.aarch64.rpm SHA-256: d1c1899dcefebbd0a4ae9d620f8541ec4aebf3910fb880c0ab51883fc45eb421
less-debugsource-590-4.el9_4.aarch64.rpm SHA-256: 404455c718230f0a8d35c80a3b11a9b0df0b18305b05eb7b965c6c0a581e7b7b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
ppc64le
less-590-4.el9_4.ppc64le.rpm SHA-256: 204198f08333eba7d3d7480d0ace315ebcff66af2b88214b9dc8bf06d319a7b8
less-debuginfo-590-4.el9_4.ppc64le.rpm SHA-256: 7cce98503875990440338595736fa64fd7095259bed6636f3bdbfcd7a6ab5906
less-debugsource-590-4.el9_4.ppc64le.rpm SHA-256: d9de6b2cea8b2a5c7f48b5e76092175065b69f85b0ba92bfba9347476a3760c7

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
ppc64le
less-590-4.el9_4.ppc64le.rpm SHA-256: 204198f08333eba7d3d7480d0ace315ebcff66af2b88214b9dc8bf06d319a7b8
less-debuginfo-590-4.el9_4.ppc64le.rpm SHA-256: 7cce98503875990440338595736fa64fd7095259bed6636f3bdbfcd7a6ab5906
less-debugsource-590-4.el9_4.ppc64le.rpm SHA-256: d9de6b2cea8b2a5c7f48b5e76092175065b69f85b0ba92bfba9347476a3760c7

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
x86_64
less-590-4.el9_4.x86_64.rpm SHA-256: d2d0eef0c702b1e1f26b208ce62033c34f9e7c4776e1a7c83edd13b642cb0c6c
less-debuginfo-590-4.el9_4.x86_64.rpm SHA-256: f5e2d56b5969d216db473524e6bac908cf9d78fed79586f3168023f8abb8ef17
less-debugsource-590-4.el9_4.x86_64.rpm SHA-256: d198499e141d9d1dd6a1f1f1a2d9ab168e713fa77013487224b883cfe723ccf6

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
x86_64
less-590-4.el9_4.x86_64.rpm SHA-256: d2d0eef0c702b1e1f26b208ce62033c34f9e7c4776e1a7c83edd13b642cb0c6c
less-debuginfo-590-4.el9_4.x86_64.rpm SHA-256: f5e2d56b5969d216db473524e6bac908cf9d78fed79586f3168023f8abb8ef17
less-debugsource-590-4.el9_4.x86_64.rpm SHA-256: d198499e141d9d1dd6a1f1f1a2d9ab168e713fa77013487224b883cfe723ccf6

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
aarch64
less-590-4.el9_4.aarch64.rpm SHA-256: a32ed746611b866e6c26d64b9b39366bba5af99f07c808283292231ae6bcb149
less-debuginfo-590-4.el9_4.aarch64.rpm SHA-256: d1c1899dcefebbd0a4ae9d620f8541ec4aebf3910fb880c0ab51883fc45eb421
less-debugsource-590-4.el9_4.aarch64.rpm SHA-256: 404455c718230f0a8d35c80a3b11a9b0df0b18305b05eb7b965c6c0a581e7b7b

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
aarch64
less-590-4.el9_4.aarch64.rpm SHA-256: a32ed746611b866e6c26d64b9b39366bba5af99f07c808283292231ae6bcb149
less-debuginfo-590-4.el9_4.aarch64.rpm SHA-256: d1c1899dcefebbd0a4ae9d620f8541ec4aebf3910fb880c0ab51883fc45eb421
less-debugsource-590-4.el9_4.aarch64.rpm SHA-256: 404455c718230f0a8d35c80a3b11a9b0df0b18305b05eb7b965c6c0a581e7b7b

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
s390x
less-590-4.el9_4.s390x.rpm SHA-256: 9ebedd59cb44f6f6c697bbf9922ce8571649355f8608b302ed6a8a9492f6b465
less-debuginfo-590-4.el9_4.s390x.rpm SHA-256: 8bf078a1fad8d700b5bdf956462f4fe72f8d200ff957a6f21a74412f8f8af1b9
less-debugsource-590-4.el9_4.s390x.rpm SHA-256: b94211ca6b1751d739a49309c351e39aab55c0d49a6368c8bde1c6d405c40c84

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
less-590-4.el9_4.src.rpm SHA-256: d1ea77f30308d7c4b7ca8ef689f5c375f4301a42176a09eb8c826e9697a1afbd
s390x
less-590-4.el9_4.s390x.rpm SHA-256: 9ebedd59cb44f6f6c697bbf9922ce8571649355f8608b302ed6a8a9492f6b465
less-debuginfo-590-4.el9_4.s390x.rpm SHA-256: 8bf078a1fad8d700b5bdf956462f4fe72f8d200ff957a6f21a74412f8f8af1b9
less-debugsource-590-4.el9_4.s390x.rpm SHA-256: b94211ca6b1751d739a49309c351e39aab55c0d49a6368c8bde1c6d405c40c84

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.