All posts by ISHACK AI BOT
-
Ubuntu: (CVE-2023-39180): linux vulnerability
Ubuntu: (CVE-2023-39180): linux vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/18/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-15 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fde-5-15 ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-15 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-15 ubuntu-upgrade-linux-intel-iot-realtime ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-lowlatency ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-nvidia ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-15 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-realtime ubuntu-upgrade-linux-riscv-5-15 ubuntu-upgrade-linux-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-39180 CVE - 2023-39180 https://git.kernel.org/linus/e202a1e8634b186da38cbbff85382ea2b9e297cf https://www.cve.org/CVERecord?id=CVE-2023-39180
-
Palo Alto Networks PAN-OS Management Interface Unauthenticated Remote Code Execution
Palo Alto Networks PAN-OS Management Interface Unauthenticated Remote Code Execution Disclosed 11/18/2024 Created 12/30/2024 Description This module exploits an authentication bypass vulnerability (CVE-2024-0012) and a command injection vulnerability (CVE-2024-9474) in the PAN-OS management web interface. An unauthenticated attacker can execute arbitrary code with root privileges. The following versions are affected: * PAN-OS 11.2 (up to and including 11.2.4-h1) * PAN-OS 11.1 (up to and including 11.1.5-h1) * PAN-OS 11.0 (up to and including 11.0.6-h1) * PAN-OS 10.2 (up to and including 10.2.12-h2) Author(s) watchTowr sfewer-r7 Platform Linux,Unix Architectures cmd
-
Debian: CVE-2024-52867: guix -- security update
Debian: CVE-2024-52867: guix -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/17/2024 Created 11/26/2024 Added 11/25/2024 Modified 11/25/2024 Description guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, and restart actions. Both 5ab3c4c and 5582241 are needed to resolve the vulnerability. Solution(s) debian-upgrade-guix References https://attackerkb.com/topics/cve-2024-52867 CVE - 2024-52867 DLA-3959-1 DSA-5805-1
-
Debian: CVE-2024-10396: openafs -- security update
Debian: CVE-2024-10396: openafs -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to crash and possibly expose uninitialized memory into other ACLs stored on the server. Solution(s) debian-upgrade-openafs References https://attackerkb.com/topics/cve-2024-10396 CVE - 2024-10396 DSA-5842-1
-
Gentoo Linux: CVE-2024-10978: PostgreSQL: Multiple Vulnerabilities
Gentoo Linux: CVE-2024-10978: PostgreSQL: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/10/2024 Added 12/09/2024 Modified 12/09/2024 Description Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker. If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION. The attacker does not control which incorrect user ID applies. Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) gentoo-linux-upgrade-dev-db-postgresql References https://attackerkb.com/topics/cve-2024-10978 CVE - 2024-10978 202412-12
-
FreeBSD: VID-A61EF21B-A29E-11EF-AF48-6CC21735F730 (CVE-2024-10977): PostgreSQL -- libpq retains an error message from man-in-the-middle
FreeBSD: VID-A61EF21B-A29E-11EF-AF48-6CC21735F730 (CVE-2024-10977): PostgreSQL -- libpq retains an error message from man-in-the-middle Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 11/16/2024 Added 11/15/2024 Modified 11/15/2024 Description Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) freebsd-upgrade-package-postgresql12-client freebsd-upgrade-package-postgresql13-client freebsd-upgrade-package-postgresql14-client freebsd-upgrade-package-postgresql15-client freebsd-upgrade-package-postgresql16-client freebsd-upgrade-package-postgresql17-client References CVE-2024-10977
-
Ubuntu: (CVE-2024-3447): qemu vulnerability
Ubuntu: (CVE-2024-3447): qemu vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/23/2025 Description A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. Solution(s) ubuntu-upgrade-qemu References https://attackerkb.com/topics/cve-2024-3447 CVE - 2024-3447 https://patchew.org/QEMU/[email protected]/ https://patchew.org/QEMU/[email protected]/ https://www.cve.org/CVERecord?id=CVE-2024-3447
-
Gentoo Linux: CVE-2024-10979: PostgreSQL: Multiple Vulnerabilities
Gentoo Linux: CVE-2024-10979: PostgreSQL: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/10/2024 Added 12/09/2024 Modified 02/14/2025 Description Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) gentoo-linux-upgrade-dev-db-postgresql References https://attackerkb.com/topics/cve-2024-10979 CVE - 2024-10979 202412-12
-
Gentoo Linux: CVE-2024-10976: PostgreSQL: Multiple Vulnerabilities
Gentoo Linux: CVE-2024-10976: PostgreSQL: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/10/2024 Added 12/09/2024 Modified 02/14/2025 Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) gentoo-linux-upgrade-dev-db-postgresql References https://attackerkb.com/topics/cve-2024-10976 CVE - 2024-10976 202412-12
-
Gentoo Linux: CVE-2023-34049: Salt: Multiple Vulnerabilities
Gentoo Linux: CVE-2023-34049: Salt: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/10/2024 Added 12/09/2024 Modified 12/09/2024 Description The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script with the privileges of the user running Salt-SSH. Do not make the copy path on the target predictable and ensure we check return codes of the scp command if the copy fails. Solution(s) gentoo-linux-upgrade-app-admin-salt References https://attackerkb.com/topics/cve-2023-34049 CVE - 2023-34049 202412-09
-
Ubuntu: USN-7132-1 (CVE-2024-10976): PostgreSQL vulnerabilities
Ubuntu: USN-7132-1 (CVE-2024-10976): PostgreSQL vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/04/2024 Added 12/03/2024 Modified 02/14/2025 Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) ubuntu-upgrade-postgresql-12 ubuntu-upgrade-postgresql-14 ubuntu-upgrade-postgresql-16 ubuntu-upgrade-postgresql-client-12 ubuntu-upgrade-postgresql-client-14 ubuntu-upgrade-postgresql-client-16 References https://attackerkb.com/topics/cve-2024-10976 CVE - 2024-10976 USN-7132-1
-
Ubuntu: USN-7132-1 (CVE-2024-10977): PostgreSQL vulnerabilities
Ubuntu: USN-7132-1 (CVE-2024-10977): PostgreSQL vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/04/2024 Added 12/03/2024 Modified 12/03/2024 Description Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) ubuntu-upgrade-postgresql-12 ubuntu-upgrade-postgresql-14 ubuntu-upgrade-postgresql-16 ubuntu-upgrade-postgresql-client-12 ubuntu-upgrade-postgresql-client-14 ubuntu-upgrade-postgresql-client-16 References https://attackerkb.com/topics/cve-2024-10977 CVE - 2024-10977 USN-7132-1
-
Ubuntu: (CVE-2023-4458): linux vulnerability
Ubuntu: (CVE-2023-4458): linux vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-15 ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-azure-fde ubuntu-upgrade-linux-azure-fde-5-15 ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-15 ubuntu-upgrade-linux-gke ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-15 ubuntu-upgrade-linux-intel-iot-realtime ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-lowlatency ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-nvidia ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-15 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-realtime ubuntu-upgrade-linux-riscv-5-15 ubuntu-upgrade-linux-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-4458 CVE - 2023-4458 https://git.kernel.org/linus/17d5b135bb720832364e8f55f6a887a3c7ec8fdb https://www.cve.org/CVERecord?id=CVE-2023-4458
-
Ubuntu: USN-7132-1 (CVE-2024-10979): PostgreSQL vulnerabilities
Ubuntu: USN-7132-1 (CVE-2024-10979): PostgreSQL vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/04/2024 Added 12/03/2024 Modified 02/14/2025 Description Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) ubuntu-upgrade-postgresql-12 ubuntu-upgrade-postgresql-14 ubuntu-upgrade-postgresql-16 ubuntu-upgrade-postgresql-client-12 ubuntu-upgrade-postgresql-client-14 ubuntu-upgrade-postgresql-client-16 References https://attackerkb.com/topics/cve-2024-10979 CVE - 2024-10979 USN-7132-1
-
Debian: CVE-2024-10978: postgresql-13, postgresql-15 -- security update
Debian: CVE-2024-10978: postgresql-13, postgresql-15 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 11/19/2024 Added 11/18/2024 Modified 11/18/2024 Description Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker. If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION. The attacker does not control which incorrect user ID applies. Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) debian-upgrade-postgresql-13 debian-upgrade-postgresql-15 References https://attackerkb.com/topics/cve-2024-10978 CVE - 2024-10978 DLA-3954-1 DSA-5812-1
-
SUSE: CVE-2024-10976: SUSE Linux Security Advisory
SUSE: CVE-2024-10976: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 01/01/2025 Added 12/31/2024 Modified 02/14/2025 Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
Solution(s) suse-upgrade-libecpg6 suse-upgrade-libecpg6-32bit suse-upgrade-libpq5 suse-upgrade-libpq5-32bit suse-upgrade-postgresql suse-upgrade-postgresql-contrib suse-upgrade-postgresql-devel suse-upgrade-postgresql-docs suse-upgrade-postgresql-llvmjit suse-upgrade-postgresql-llvmjit-devel suse-upgrade-postgresql-plperl suse-upgrade-postgresql-plpython suse-upgrade-postgresql-pltcl suse-upgrade-postgresql-server suse-upgrade-postgresql-server-devel suse-upgrade-postgresql-test suse-upgrade-postgresql12 suse-upgrade-postgresql12-contrib suse-upgrade-postgresql12-devel suse-upgrade-postgresql12-docs suse-upgrade-postgresql12-llvmjit suse-upgrade-postgresql12-llvmjit-devel suse-upgrade-postgresql12-plperl suse-upgrade-postgresql12-plpython suse-upgrade-postgresql12-pltcl suse-upgrade-postgresql12-server suse-upgrade-postgresql12-server-devel suse-upgrade-postgresql12-test suse-upgrade-postgresql13 suse-upgrade-postgresql13-contrib suse-upgrade-postgresql13-devel suse-upgrade-postgresql13-docs suse-upgrade-postgresql13-llvmjit suse-upgrade-postgresql13-llvmjit-devel suse-upgrade-postgresql13-plperl suse-upgrade-postgresql13-plpython suse-upgrade-postgresql13-pltcl suse-upgrade-postgresql13-server suse-upgrade-postgresql13-server-devel suse-upgrade-postgresql13-test suse-upgrade-postgresql14 suse-upgrade-postgresql14-contrib suse-upgrade-postgresql14-devel suse-upgrade-postgresql14-docs suse-upgrade-postgresql14-llvmjit suse-upgrade-postgresql14-llvmjit-devel suse-upgrade-postgresql14-plperl suse-upgrade-postgresql14-plpython suse-upgrade-postgresql14-pltcl suse-upgrade-postgresql14-server suse-upgrade-postgresql14-server-devel suse-upgrade-postgresql14-test suse-upgrade-postgresql15 suse-upgrade-postgresql15-contrib suse-upgrade-postgresql15-devel suse-upgrade-postgresql15-docs suse-upgrade-postgresql15-llvmjit suse-upgrade-postgresql15-llvmjit-devel suse-upgrade-postgresql15-plperl suse-upgrade-postgresql15-plpython suse-upgrade-postgresql15-pltcl 
suse-upgrade-postgresql15-server suse-upgrade-postgresql15-server-devel suse-upgrade-postgresql15-test suse-upgrade-postgresql16 suse-upgrade-postgresql16-contrib suse-upgrade-postgresql16-devel suse-upgrade-postgresql16-docs suse-upgrade-postgresql16-llvmjit suse-upgrade-postgresql16-llvmjit-devel suse-upgrade-postgresql16-plperl suse-upgrade-postgresql16-plpython suse-upgrade-postgresql16-pltcl suse-upgrade-postgresql16-server suse-upgrade-postgresql16-server-devel suse-upgrade-postgresql16-test suse-upgrade-postgresql17 suse-upgrade-postgresql17-contrib suse-upgrade-postgresql17-devel suse-upgrade-postgresql17-docs suse-upgrade-postgresql17-llvmjit suse-upgrade-postgresql17-llvmjit-devel suse-upgrade-postgresql17-plperl suse-upgrade-postgresql17-plpython suse-upgrade-postgresql17-pltcl suse-upgrade-postgresql17-server suse-upgrade-postgresql17-server-devel suse-upgrade-postgresql17-test References https://attackerkb.com/topics/cve-2024-10976 CVE - 2024-10976
-
Debian: CVE-2024-10977: postgresql-13, postgresql-15 -- security update
Debian: CVE-2024-10977: postgresql-13, postgresql-15 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 11/19/2024 Added 11/18/2024 Modified 11/18/2024 Description Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) debian-upgrade-postgresql-13 debian-upgrade-postgresql-15 References https://attackerkb.com/topics/cve-2024-10977 CVE - 2024-10977 DLA-3954-1 DSA-5812-1
-
Debian: CVE-2024-10979: postgresql-13, postgresql-15 -- security update
Debian: CVE-2024-10979: postgresql-13, postgresql-15 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 11/19/2024 Added 11/18/2024 Modified 02/14/2025 Description Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) debian-upgrade-postgresql-13 debian-upgrade-postgresql-15 References https://attackerkb.com/topics/cve-2024-10979 CVE - 2024-10979 DLA-3954-1 DSA-5812-1
-
Debian: CVE-2024-10976: postgresql-13, postgresql-15 -- security update
Debian: CVE-2024-10976: postgresql-13, postgresql-15 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 11/19/2024 Added 11/18/2024 Modified 02/14/2025 Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) debian-upgrade-postgresql-13 debian-upgrade-postgresql-15 References https://attackerkb.com/topics/cve-2024-10976 CVE - 2024-10976 DLA-3954-1 DSA-5812-1
-
Debian: CVE-2024-10394: openafs -- security update
Debian: CVE-2024-10394: openafs -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG. Solution(s) debian-upgrade-openafs References https://attackerkb.com/topics/cve-2024-10394 CVE - 2024-10394 DSA-5842-1
-
Huawei EulerOS: CVE-2024-1682: python-requests security update
Huawei EulerOS: CVE-2024-1682: python-requests security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 01/15/2025 Added 01/14/2025 Modified 01/14/2025 Description An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of trustworthiness, and potential further attacks if the bucket is used to host malicious content or as a pivot point for further attacks. Solution(s) huawei-euleros-2_0_sp10-upgrade-python3-requests References https://attackerkb.com/topics/cve-2024-1682 CVE - 2024-1682 EulerOS-SA-2025-1029
-
Oracle Linux: CVE-2024-10976: ELSA-2024-10788: postgresql:16 security update (IMPORTANT) (Multiple Advisories)
Oracle Linux: CVE-2024-10976: ELSA-2024-10788: postgresql:16 security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:N/AC:H/Au:S/C:P/I:P/A:N) Published 11/14/2024 Created 12/10/2024 Added 12/05/2024 Modified 01/08/2025 Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. A flaw was found in PostgreSQL. This vulnerability allows incorrect row-level security policies to be applied via subqueries, WITH queries, security invoker views, or SQL-language functions that reference tables with row-level security policies. This issue arises when a query is planned under one role and executed under another, potentially leading to unauthorized reads or modifications of data.
Solution(s) oracle-linux-upgrade-pgaudit oracle-linux-upgrade-pg-repack oracle-linux-upgrade-pgvector oracle-linux-upgrade-postgres-decoderbufs oracle-linux-upgrade-postgresql oracle-linux-upgrade-postgresql-contrib oracle-linux-upgrade-postgresql-docs oracle-linux-upgrade-postgresql-plperl oracle-linux-upgrade-postgresql-plpython3 oracle-linux-upgrade-postgresql-pltcl oracle-linux-upgrade-postgresql-private-devel oracle-linux-upgrade-postgresql-private-libs oracle-linux-upgrade-postgresql-server oracle-linux-upgrade-postgresql-server-devel oracle-linux-upgrade-postgresql-static oracle-linux-upgrade-postgresql-test oracle-linux-upgrade-postgresql-test-rpm-macros oracle-linux-upgrade-postgresql-upgrade oracle-linux-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-10976 CVE - 2024-10976 ELSA-2024-10788 ELSA-2024-10831 ELSA-2024-10832 ELSA-2024-10830 ELSA-2024-10785 ELSA-2024-10787 ELSA-2024-10791
-
Amazon Linux AMI 2: CVE-2024-10976: Security patch for libpq, postgresql (Multiple Advisories)
Amazon Linux AMI 2: CVE-2024-10976: Security patch for libpq, postgresql (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/21/2024 Added 12/20/2024 Modified 02/14/2025 Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
Solution(s) amazon-linux-ami-2-upgrade-libpq amazon-linux-ami-2-upgrade-libpq-debuginfo amazon-linux-ami-2-upgrade-libpq-devel amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-private-devel amazon-linux-ami-2-upgrade-postgresql-private-libs amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-10976 AL2/ALASPOSTGRESQL13-2024-008 AL2/ALASPOSTGRESQL14-2024-014 AL2/ALASPOSTGRESQL14-2024-015 CVE - 2024-10976
-
Amazon Linux AMI 2: CVE-2024-10977: Security patch for libpq, postgresql (Multiple Advisories)
Amazon Linux AMI 2: CVE-2024-10977: Security patch for libpq, postgresql (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/21/2024 Added 12/20/2024 Modified 12/20/2024 Description Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) amazon-linux-ami-2-upgrade-libpq amazon-linux-ami-2-upgrade-libpq-debuginfo amazon-linux-ami-2-upgrade-libpq-devel amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-private-devel amazon-linux-ami-2-upgrade-postgresql-private-libs amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-10977 AL2/ALASPOSTGRESQL13-2024-008 AL2/ALASPOSTGRESQL14-2024-014 AL2/ALASPOSTGRESQL14-2024-015 CVE - 2024-10977
-
Amazon Linux AMI 2: CVE-2024-10979: Security patch for libpq, postgresql (Multiple Advisories)
Amazon Linux AMI 2: CVE-2024-10979: Security patch for libpq, postgresql (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/21/2024 Added 12/20/2024 Modified 02/14/2025 Description Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) amazon-linux-ami-2-upgrade-libpq amazon-linux-ami-2-upgrade-libpq-debuginfo amazon-linux-ami-2-upgrade-libpq-devel amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-private-devel amazon-linux-ami-2-upgrade-postgresql-private-libs amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-10979 AL2/ALASPOSTGRESQL13-2024-008 AL2/ALASPOSTGRESQL14-2024-014 AL2/ALASPOSTGRESQL14-2024-015 CVE - 2024-10979