Issued:: 2024-10-15
Updated:: 2024-10-15

RHSA-2024:8132 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: libuv security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libuv is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

libuv is a multi-platform support library with a focus on asynchronous I/O.

Security Fix(es):

libuv: Improper Domain Lookup that potentially leads to SSRF attacks (CVE-2024-24806)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64

Fixes

BZ - 2263292 - CVE-2024-24806 libuv: Improper Domain Lookup that potentially leads to SSRF attacks

CVEs

CVE-2024-24806

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
x86_64
libuv-1.41.1-1.el8_8.1.i686.rpm	SHA-256: b7e35980404281baf0c6a3307a17307bd0a91b2ccaabffab84a9ea2bf8c3aaca
libuv-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: de16614a4b879f32ca309bef7f2389f6338a6b9112f7de3588d81fc2f156bc79
libuv-debuginfo-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 90572b73267a59ef7fa5c4bbc123bdd89295f990a3d4e8cfcfd8948d52277fa0
libuv-debuginfo-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: f71bd7e2febcd6b7772478a9751be83b928253bf283f88dc41c906fc14d5a3f1
libuv-debugsource-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 8d14ebbdfbc08f676f3e2af777d96501553ff632672e40347f5be951a664616b
libuv-debugsource-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: 56d56f8906b7f9d06239ba01030b93948b5706081033eb57a93e1b3431879306

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
x86_64
libuv-1.41.1-1.el8_8.1.i686.rpm	SHA-256: b7e35980404281baf0c6a3307a17307bd0a91b2ccaabffab84a9ea2bf8c3aaca
libuv-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: de16614a4b879f32ca309bef7f2389f6338a6b9112f7de3588d81fc2f156bc79
libuv-debuginfo-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 90572b73267a59ef7fa5c4bbc123bdd89295f990a3d4e8cfcfd8948d52277fa0
libuv-debuginfo-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: f71bd7e2febcd6b7772478a9751be83b928253bf283f88dc41c906fc14d5a3f1
libuv-debugsource-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 8d14ebbdfbc08f676f3e2af777d96501553ff632672e40347f5be951a664616b
libuv-debugsource-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: 56d56f8906b7f9d06239ba01030b93948b5706081033eb57a93e1b3431879306

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
s390x
libuv-1.41.1-1.el8_8.1.s390x.rpm	SHA-256: 144f96a866b9fa6f66b9516e863e5894f44e0503df6b7cb0de7f3399cf43a0eb
libuv-debuginfo-1.41.1-1.el8_8.1.s390x.rpm	SHA-256: 4912e29b42d049891dc83781f02cd49efa3cfc4881c5d10bbba19987a12e5f80
libuv-debugsource-1.41.1-1.el8_8.1.s390x.rpm	SHA-256: a8e63b5c8b0f9d00b427f0485e8e6a7ac05e35145dfabe872e653eaa36da7241

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
ppc64le
libuv-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: 35d7bfee5ca5f78e45a6e6ef277ee0f370b02133cb74aae81ad3a8fd9aacfce8
libuv-debuginfo-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: c0063dc2053de8db84428cd98169455e8a429e078fddc9c43f13383283cc5e84
libuv-debugsource-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: a65a0fac14fb1b830547f355b1558f6b21f8cccc0001295b76fbce2383cbb54f

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
x86_64
libuv-1.41.1-1.el8_8.1.i686.rpm	SHA-256: b7e35980404281baf0c6a3307a17307bd0a91b2ccaabffab84a9ea2bf8c3aaca
libuv-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: de16614a4b879f32ca309bef7f2389f6338a6b9112f7de3588d81fc2f156bc79
libuv-debuginfo-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 90572b73267a59ef7fa5c4bbc123bdd89295f990a3d4e8cfcfd8948d52277fa0
libuv-debuginfo-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: f71bd7e2febcd6b7772478a9751be83b928253bf283f88dc41c906fc14d5a3f1
libuv-debugsource-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 8d14ebbdfbc08f676f3e2af777d96501553ff632672e40347f5be951a664616b
libuv-debugsource-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: 56d56f8906b7f9d06239ba01030b93948b5706081033eb57a93e1b3431879306

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
aarch64
libuv-1.41.1-1.el8_8.1.aarch64.rpm	SHA-256: a5a5b17428d98d8f327f0c982d2ac3c83ff20bc53a4893e359ad26254de3c186
libuv-debuginfo-1.41.1-1.el8_8.1.aarch64.rpm	SHA-256: 54f138d712db9fb07d390a9f80d020240699da5f1b7f39d724c613e53c203b8e
libuv-debugsource-1.41.1-1.el8_8.1.aarch64.rpm	SHA-256: 820394e9fae6e82c94cdd98b52e9b7dd7b2173aefe1d868f22ff207870e4d344

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
ppc64le
libuv-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: 35d7bfee5ca5f78e45a6e6ef277ee0f370b02133cb74aae81ad3a8fd9aacfce8
libuv-debuginfo-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: c0063dc2053de8db84428cd98169455e8a429e078fddc9c43f13383283cc5e84
libuv-debugsource-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: a65a0fac14fb1b830547f355b1558f6b21f8cccc0001295b76fbce2383cbb54f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
libuv-1.41.1-1.el8_8.1.src.rpm	SHA-256: 28fef930d3d4f8187676ff70424db2e4555898fcc4bbf39fd3f22642c9ba778e
x86_64
libuv-1.41.1-1.el8_8.1.i686.rpm	SHA-256: b7e35980404281baf0c6a3307a17307bd0a91b2ccaabffab84a9ea2bf8c3aaca
libuv-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: de16614a4b879f32ca309bef7f2389f6338a6b9112f7de3588d81fc2f156bc79
libuv-debuginfo-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 90572b73267a59ef7fa5c4bbc123bdd89295f990a3d4e8cfcfd8948d52277fa0
libuv-debuginfo-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: f71bd7e2febcd6b7772478a9751be83b928253bf283f88dc41c906fc14d5a3f1
libuv-debugsource-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 8d14ebbdfbc08f676f3e2af777d96501553ff632672e40347f5be951a664616b
libuv-debugsource-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: 56d56f8906b7f9d06239ba01030b93948b5706081033eb57a93e1b3431879306

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8

SRPM
x86_64
libuv-debuginfo-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 90572b73267a59ef7fa5c4bbc123bdd89295f990a3d4e8cfcfd8948d52277fa0
libuv-debuginfo-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: f71bd7e2febcd6b7772478a9751be83b928253bf283f88dc41c906fc14d5a3f1
libuv-debugsource-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 8d14ebbdfbc08f676f3e2af777d96501553ff632672e40347f5be951a664616b
libuv-debugsource-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: 56d56f8906b7f9d06239ba01030b93948b5706081033eb57a93e1b3431879306
libuv-devel-1.41.1-1.el8_8.1.i686.rpm	SHA-256: 49bc81c43061282672a5f61cea384878bc553174d4c456ac874a80ca5100e688
libuv-devel-1.41.1-1.el8_8.1.x86_64.rpm	SHA-256: e053b8870f183eac58fc1d216d2de5a97f935919af9afae93d2392fe616f2f3c

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8

SRPM
ppc64le
libuv-debuginfo-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: c0063dc2053de8db84428cd98169455e8a429e078fddc9c43f13383283cc5e84
libuv-debugsource-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: a65a0fac14fb1b830547f355b1558f6b21f8cccc0001295b76fbce2383cbb54f
libuv-devel-1.41.1-1.el8_8.1.ppc64le.rpm	SHA-256: a5f77cb70f9307496fb85a895570fa5b4c33a29ec29466831e2d117e7328579f

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8

SRPM
s390x
libuv-debuginfo-1.41.1-1.el8_8.1.s390x.rpm	SHA-256: 4912e29b42d049891dc83781f02cd49efa3cfc4881c5d10bbba19987a12e5f80
libuv-debugsource-1.41.1-1.el8_8.1.s390x.rpm	SHA-256: a8e63b5c8b0f9d00b427f0485e8e6a7ac05e35145dfabe872e653eaa36da7241
libuv-devel-1.41.1-1.el8_8.1.s390x.rpm	SHA-256: b580151f048e13912104e743055608e3426740fa36b98b2f2713a81fd9c507ac

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8

SRPM
aarch64
libuv-debuginfo-1.41.1-1.el8_8.1.aarch64.rpm	SHA-256: 54f138d712db9fb07d390a9f80d020240699da5f1b7f39d724c613e53c203b8e
libuv-debugsource-1.41.1-1.el8_8.1.aarch64.rpm	SHA-256: 820394e9fae6e82c94cdd98b52e9b7dd7b2173aefe1d868f22ff207870e4d344
libuv-devel-1.41.1-1.el8_8.1.aarch64.rpm	SHA-256: c0eab67e98c40253b1c18c5970e5f9a2c02e510ada144345d964f3f29ab8f47f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation