Support Content Notification - Support Portal

SANnav ROCKY LINUX Upgrade for RLSA-2024:5530, RLSA-2024:5101, RLSA-2024:4583, RLSA-2024:3501, RLSA-2024:3513, RLSA-2024:3619, RLSA-2024:4349, RLSA-2024:4078, RLSA-2024:2758, RLSA-2024:2758

Product/Component

Brocade SANnav

0 more products

Notification Id

25398

Last Updated

13 February 2025

Initial Publication Date

13 February 2025

Status

OPEN

Severity

HIGH

CVSS Base Score

Varies

WorkAround

Affected CVE

Multiple

Brocade Security Advisory ID	BSA-2025-2895
Component	Kernel

Summary

Brocade SANnav OVA versions 2.3.1b and 2.4.0 along with Brocade sannav_ova_8x_os_12_2024 SANnav OVA patch from December 2024 utilize an upgraded Rocky Linux Kernel. The upgrade has provided Security updates for numerous security vulnerabilities.

Rocky Linux Security Update for python-setuptools (RLSA-2024:5530)

QID: 961353

CVE-2024-6345

Rocky Linux Security Update for kernel (RLSA-2024:5101)

QID: 961359

CVE-2024-27010, CVE-2023-52469, CVE-2021-47624, CVE-2024-35896, CVE-2024-38615, CVE-2024-26640, CVE-2024-35946, CVE-2024-36950, CVE-2023-52653, CVE-2024-35899, CVE-2023-52764, CVE-2023-52486, CVE-2023-52662, CVE-2021-47304, CVE-2024-36010, CVE-2022-48747, CVE-2023-52834, CVE-2024-38575, CVE-2024-35937, CVE-2024-38598, CVE-2024-39487, CVE-2024-26925, CVE-2024-27020, CVE-2024-26852, CVE-2021-47257, CVE-2024-26810, CVE-2024-36979, CVE-2021-47468,CVE-2023-5281, CVE-2024-27395, CVE-2023-52707, CVE-2024-27434, CVE-2024-36945, CVE-2024-36978, CVE-2024-36005,

CVE-2024-35900, CVE-2024-35823, CVE-2024-26586, CVE-2024-35790, CVE-2022-48757, CVE-2024-26853, CVE-2023-52847, CVE-2024-36270, CVE-2024-36927, CVE-2024-26686, CVE-2024-38573, CVE-2023-52648, CVE-2024-35897, CVE-2023-52623,CVE-2024-25739, CVE-2023-52619, CVE-2022-48743, CVE-2024-35847, CVE-2024-39502, CVE-2024-35947, CVE-2024-35912, CVE-2024-36017, CVE-2021-47408, CVE-2021-47461, CVE-2023-52730, CVE-2024-35814, CVE-2024-39472, CVE-2021-47284, CVE-2024-35952, CVE-2024-26960, CVE-2024-26698, CVE-2024-36000, CVE-2024-26669, CVE-2021-46939, CVE-2024-2701,

CVE-2021-47491, CVE-2023-52845, CVE-2024-26704, CVE-2024-35807, CVE-2023-28746, CVE-2024-39476, CVE-2024-36941, CVE-2024-35938, CVE-2024-27025. CVE-2024-39276, CVE-2023-52777, CVE-2023-52796, CVE-2024-38596, CVE-2023-52463, CVE-2021-47579, CVE-2024-33621, CVE-2023-52832, CVE-2024-26878, CVE-2024-26840, CVE-2024-26921, CVE-2024-26772, CVE-2021-47018,CVE-2024-35925, CVE-2024-35924, CVE-2024-36933, CVE-2024-36286, CVE-2023-52864, CVE-2024-26660,CVE-2021-47373, CVE-2024-35893, CVE-2024-36940, CVE-2024-27019, CVE-2024-36929, CVE-2024-38627, CVE-2024-36921,

CVE-2023-52658, CVE-2023-52784, CVE-2024-36905, CVE-2024-36917, CVE-2023-52530, CVE-2024-26958, CVE-2024-36896,CVE-2024-38555, CVE-2023-52679, CVE-2024-36020, CVE-2024-36886, CVE-2024-36954, CVE-2024-21823, CVE-2024-31076, CVE-2023-52791, CVE-2024-40927, CVE-2023-52762, CVE-2024-36960, CVE-2024-36025, CVE-2023-52451, CVE-2024-26802, CVE-2024-36016, CVE-2023-52471, CVE-2024-36489, CVE-2024-35930, CVE-2024-26961, CVE-2024-36971, CVE-2024-26733,CVE-2024-2201, CVE-2024-40974, CVE-2024-27065, CVE-2024-27388, CVE-2024-35810, CVE-2024-26940, CVE-2024-38538,

CVE-2024-35910, CVE-2024-36006, CVE-2022-48632, CVE-2024-36889, CVE-2024-26773, CVE-2024-26614, CVE-2023-52803, CVE-2024-35801, CVE-2023-52622, CVE-2024-35824, CVE-2023-52775, CVE-2024-26740, CVE-2024-26870, CVE-2024-36904,CVE-2024-26843, CVE-2021-47548, CVE-2024-26837

Rocky Linux Security Update for kernel (RLSA-2024:4583)

QID: 961338

CVE-2024-35958, CVE-2024-36886, CVE-2024-36270, CVE-2024-36957, CVE-2024-38593, CVE-2024-36904, CVE-2021-47596, CVE-2022-48627, CVE-2024-27435, CVE-2024-38663, CVE-2024-27397, CVE-2021-47548, CVE-2024-38586, CVE-2023-52638, CVE-2024-38543, CVE-2024-26783, CVE-2024-26858

Rocky Linux Security Update for libndp (RLSA-2024:4636)

CVE-2024-5564

OVA Hidden RPC Services

QID: 11

Category: RPC

The Portmapper/Rpcbind listens on port 111 and stores an updated list of registered RPC services running on the server (RPC name, version and port number). It acts as a "gateway" for clients wanting to connect to any RPC daemon.

Rocky Linux Security Update for nghttp2 (RLSA-2024:3501)

QID: 961260

CVE-2024-28182

Rocky Linux Security Update for less (RLSA-2024:3513)

QID: 961297

CVE-2024-32487

Rocky Linux Security Update for kernel (RLSA-2024:3619)

QID: 961278

CVE-2024-26735, CVE-2024-26993

Rocky Linux Security Update for kernel (RLSA-2024:4349)

QID: 961323

CVE-2023-52667, CVE-2024-27393, CVE-2024-35870, CVE-2024-26801, CVE-2023-52626, CVE-2024-26974, CVE-2024-35960, CVE-2021-47400

Rocky Linux Security Update for glibc (RLSA-2024:3339)

QID: 961231

CVE-2024-33601, CVE-2024-33602, CVE-2024-33600, CVE-2024-2961, CVE-2024-33599

Rocky Linux Security Update for python3.9 (RLSA-2024:4078)

QID: 961308

CVE-2023-6597, CVE-2024-0450

Rocky Linux Security Update for kernel (RLSA-2024:2758)

QID: 961194

CVE-2024-25743, CVE-2023-6240, CVE-2024-25742

Solution

Solution provided in SANnav 2.4.0, 2.3.1b OVA releases.

A Brocade SANnav OVA solution is also provided in the sannav_ova_8x_os_12_2024 OVA patch. The OVA patch can be applied to 2.3.0, 2.3.0a, 2.3.1, 2.3.1a.

Revision History

Version	Change	Date
1.0	Initial Publication	February 13, 2025

Disclaimer

THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.