Debian Security Update CVE-2024-57912, CVE-2024-57908, CVE-2024-57907, CVE-2024-57906
search cancel

Debian Security Update CVE-2024-57912, CVE-2024-57908, CVE-2024-57907, CVE-2024-57906

book

Article ID: 417334

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

The monitoring systems are detecting the following vulnerabilities on the API Gateway 

CVE-2024-57912

CVE-2024-57908

CVE-2024-57907

CVE-2024-57906

Current operating system version:

Debian GNU/Linux 12 (Bookworm)

Debian 6.1.129-1 (2025-03-06) x86_64 GNU/Linux

Could you please confirm whether these vulnerabilities are still pending resolution, or if they are considered non-critical / mitigated in the current release?

Environment

API gateway 11.1.2 OVA Appliance

Resolution

All of the CVEs affect the Linux kernel, which is already fixed in version 6.1.153‑1. We shipped this kernel version with the September MPP release, and the same package will be included in October MPP as well.

Therefore, customers can apply the September MPP will receive the fixes for these CVEs. However, the upcoming October MPP includes many additional package updates, so we recommend that customers upgrade to the October MPP.
 

Vulnerability Fixed in October Package Name Fixed Version Release Debian Tracker
CVE-2024-57912 YES linux (kernel) 6.1.153-1 bookworm (security) https://security-tracker.debian.org/tracker/CVE-2024-57912
CVE-2024-57908 YES linux (kernel) 6.1.153-1 bookworm (security) https://security-tracker.debian.org/tracker/CVE-2024-57908
CVE-2024-57907 YES linux (kernel) 6.1.153-1 bookworm (security) https://security-tracker.debian.org/tracker/CVE-2024-57907
CVE-2024-57906 YES linux (kernel) 6.1.153-1 bookworm (security) https://security-tracker.debian.org/tracker/CVE-2024-57906

 

Link to the Patches Page:

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/release-announcements/CA-API-Management-Solutions--Patches/3044

Powered by Wolken Software