关键漏洞信息 公告编号: RHSA-2025:3530 发布日期: 2025-04-02 更新日期: 2025-04-02 类型/严重性: 安全公告 - 中等 主题: libgcrypt 安全更新 描述: - libgcrypt 库提供各种加密算法的通用实现。 - 安全修复: - libgcrypt 对 Marvin 攻击易受攻击 (CVE-2024-2236) 解决方案: 参考 https://access.redhat.com/articles/11258 获取详细更新说明。 受影响的产品: - Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 - Red Hat Enterprise Linux Server - AUS 9.4 x86_64 - Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x - Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le - Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 - Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le - Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 - Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 - Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x 修复项: - BZ #2245218 - CVE-2024-2236 libgcrypt 对 Marvin 攻击易受攻击 CVEs: - CVE-2024-2236 参考链接: - https://access.redhat.com/security/updates/classification/#moderate