ISHACK AI BOT

Ubuntu: USN-7115-1 (CVE-2024-49769): Waitress vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/29/2024 Created 11/21/2024 Added 11/20/2024 Modified 01/30/2025 Description Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition. Solution(s) ubuntu-pro-upgrade-python3-waitress References https://attackerkb.com/topics/cve-2024-49769 CVE - 2024-49769 USN-7115-1

MFSA2024-59 Thunderbird: Security Vulnerabilities fixed in Thunderbird 132 (CVE-2024-10462) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/29/2024 Created 10/31/2024 Added 10/30/2024 Modified 02/14/2025 Description Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) mozilla-thunderbird-upgrade-132_0 References https://attackerkb.com/topics/cve-2024-10462 CVE - 2024-10462 http://www.mozilla.org/security/announce/2024/mfsa2024-59.html

MFSA2024-59 Thunderbird: Security Vulnerabilities fixed in Thunderbird 132 (CVE-2024-10464) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 10/29/2024 Created 10/31/2024 Added 10/30/2024 Modified 02/14/2025 Description Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) mozilla-thunderbird-upgrade-132_0 References https://attackerkb.com/topics/cve-2024-10464 CVE - 2024-10464 http://www.mozilla.org/security/announce/2024/mfsa2024-59.html

Rocky Linux: CVE-2024-10459: thunderbird (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10459 CVE - 2024-10459 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

Rocky Linux: CVE-2024-10458: thunderbird (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10458 CVE - 2024-10458 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

Rocky Linux: CVE-2024-10464: thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10464 CVE - 2024-10464 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

Rocky Linux: CVE-2024-10461: thunderbird (Multiple Advisories) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10461 CVE - 2024-10461 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

Rocky Linux: CVE-2024-10463: thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10463 CVE - 2024-10463 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

SUSE: CVE-2024-10458: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/29/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-10458 CVE - 2024-10458

SUSE: CVE-2024-10452: SUSE Linux Security Advisory Severity 3 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:N) Published 10/29/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Organization admins can delete pending invites created in an organization they are not part of. Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2024-10452 CVE - 2024-10452

SUSE: CVE-2024-10461: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/29/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-10461 CVE - 2024-10461

SUSE: CVE-2024-10463: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 10/29/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-10463 CVE - 2024-10463

SUSE: CVE-2024-10465: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/29/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-10465 CVE - 2024-10465

SUSE: CVE-2024-10459: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/29/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-10459 CVE - 2024-10459

Microsoft Edge Chromium: CVE-2024-10487: Out of bounds write in Dawn Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/29/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-10487 CVE - 2024-10487 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-10487

Debian: CVE-2024-10462: firefox-esr, thunderbird -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/29/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) debian-upgrade-firefox-esr debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-10462 CVE - 2024-10462 DLA-3943-1 DSA-5801-1

Oracle Linux: CVE-2024-10461: ELSA-2024-8790:thunderbird security update (MODERATE) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 10/29/2024 Created 11/13/2024 Added 11/11/2024 Modified 01/07/2025 Description In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox &lt; 132, Firefox ESR &lt; 128.4, Thunderbird &lt; 128.4, and Thunderbird &lt; 132. The Mozilla Foundation&apos;s Security Advisory: In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header is not respected and does not force a download, which could allow cross-site scripting (XSS) attacks. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-10461 CVE - 2024-10461 ELSA-2024-8790 ELSA-2024-8793 ELSA-2024-8727 ELSA-2024-8726 ELSA-2024-8729 ELSA-2024-9554 ELSA-2024-9552 View more

Oracle Linux: CVE-2024-10462: ELSA-2024-8790:thunderbird security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 10/29/2024 Created 11/13/2024 Added 11/11/2024 Modified 01/07/2025 Description Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox &lt; 132, Firefox ESR &lt; 128.4, Thunderbird &lt; 128.4, and Thunderbird &lt; 132. A flaw was found in Mozilla. The Mozilla Foundation&apos;s Security Advisory describes the following issue: Truncation of a long URL could have allowed origin spoofing in a permission prompt. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-10462 CVE - 2024-10462 ELSA-2024-8790 ELSA-2024-8793 ELSA-2024-8727 ELSA-2024-8726 ELSA-2024-8729 ELSA-2024-9554 ELSA-2024-9552 View more

Oracle Linux: CVE-2024-10465: ELSA-2024-8790:thunderbird security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 10/29/2024 Created 11/13/2024 Added 11/11/2024 Modified 01/07/2025 Description A clipboard &quot;paste&quot; button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox &lt; 132, Firefox ESR &lt; 128.4, Thunderbird &lt; 128.4, and Thunderbird &lt; 132. The Mozilla Foundation&apos;s Security Advisory: A clipboard &quot;paste&quot; button could persist across tabs which allowed a spoofing attack. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-10465 CVE - 2024-10465 ELSA-2024-8790 ELSA-2024-8793 ELSA-2024-8727 ELSA-2024-8726 ELSA-2024-8729 ELSA-2024-9554 ELSA-2024-9552 View more

Rocky Linux: CVE-2024-10460: thunderbird (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10460 CVE - 2024-10460 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

Rocky Linux: CVE-2024-10462: thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10462 CVE - 2024-10462 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

Rocky Linux: CVE-2024-10465: thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/30/2025 Description A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-10465 CVE - 2024-10465 https://errata.rockylinux.org/RLSA-2024:8726 https://errata.rockylinux.org/RLSA-2024:8729 https://errata.rockylinux.org/RLSA-2024:8790 https://errata.rockylinux.org/RLSA-2024:8793

MFSA2024-55 Firefox: Security Vulnerabilities fixed in Firefox 132 (CVE-2024-10463) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 10/29/2024 Created 10/31/2024 Added 10/30/2024 Modified 01/28/2025 Description Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) mozilla-firefox-upgrade-132_0 References https://attackerkb.com/topics/cve-2024-10463 CVE - 2024-10463 http://www.mozilla.org/security/announce/2024/mfsa2024-55.html

Alma Linux: CVE-2024-50082: Moderate: kernel security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 10/29/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0 Oops: Oops: 0002 [#1] PREEMPT SMP PTI CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40 Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 9c 41 5c fa 65 ff 05 62 97 30 4c 31 c0 ba 01 00 00 00 <f0> 0f b1 17 75 0a 4c 89 e0 41 5c c3 cc cc cc cc 89 c6 e8 2c 0b 00 RSP: 0018:ffffafe180580ca0 EFLAGS: 00010046 RAX: 0000000000000000 RBX: ffffafe180a3f7a8 RCX: 0000000000000011 RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffafe180a40084 RBP: 0000000000000000 R08: 00000000001e7240 R09: 0000000000000011 R10: 0000000000000028 R11: 0000000000000888 R12: 0000000000000002 R13: ffffafe180a40084 R14: 0000000000000000 R15: 0000000000000003 FS:0000000000000000(0000) GS:ffff9aaf1f280000(0000) knlGS:0000000000000000 CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffafe180a40084 CR3: 000000010e428002 CR4: 0000000000770ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <IRQ> try_to_wake_up+0x5a/0x6a0 rq_qos_wake_function+0x71/0x80 __wake_up_common+0x75/0xa0 __wake_up+0x36/0x60 scale_up.part.0+0x50/0x110 wb_timer_fn+0x227/0x450 ... So rq_qos_wake_function() calls wake_up_process(data->task), which calls try_to_wake_up(), which faults in raw_spin_lock_irqsave(&p->pi_lock). p comes from data->task, and data comes from the waitqueue entry, which is stored on the waiter's stack in rq_qos_wait(). Analyzing the core dump with drgn, I found that the waiter had already woken up and moved on to a completely unrelated code path, clobbering what was previously data->task. Meanwhile, the waker was passing the clobbered garbage in data->task to wake_up_process(), leading to the crash. What's happening is that in between rq_qos_wake_function() deleting the waitqueue entry and calling wake_up_process(), rq_qos_wait() is finding that it already got a token and returning. The race looks like this: rq_qos_wait() rq_qos_wake_function() ============================================================== prepare_to_wait_exclusive() data->got_token = true; list_del_init(&curr->entry); if (data.got_token) break; finish_wait(&rqw->wait, &data.wq); ^- returns immediately because list_empty_careful(&wq_entry->entry) is true ... return, go do something else ... wake_up_process(data->task) (NO LONGER VALID!)-^ Normally, finish_wait() is supposed to synchronize against the waker. But, as noted above, it is returning immediately because the waitqueue entry has already been removed from the waitqueue. The bug is that rq_qos_wake_function() is accessing the waitqueue entry AFTER deleting it. Note that autoremove_wake_function() wakes the waiter and THEN deletes the waitqueue entry, which is the proper order. Fix it by swapping the order. We also need to use list_del_init_careful() to match the list_empty_careful() in finish_wait(). Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-50082 CVE - 2024-50082 https://errata.almalinux.org/8/ALSA-2024-10943.html https://errata.almalinux.org/8/ALSA-2024-10944.html

Amazon Linux AMI 2: CVE-2024-10459: Security patch for firefox (ALASFIREFOX-2024-032) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/29/2024 Created 11/15/2024 Added 11/14/2024 Modified 01/28/2025 Description An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo References https://attackerkb.com/topics/cve-2024-10459 AL2/ALASFIREFOX-2024-032 CVE - 2024-10459