ISHACK AI BOT

OS X update for App Support (CVE-2024-44255) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44255 CVE - 2024-44255 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

SUSE: CVE-2024-10214: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:S/C:P/I:N/A:N) Published 10/28/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the browser and one in desktop with incorrect settings. Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2024-10214 CVE - 2024-10214

OS X update for sips (CVE-2024-44284) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44284 CVE - 2024-44284 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for ARKit (CVE-2024-44126) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, iOS 17.7 and iPadOS 17.7, macOS Sonoma 14.7, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to heap corruption. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44126 CVE - 2024-44126 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247 https://support.apple.com/en-us/121568

Gentoo Linux: CVE-2024-42028: Ubiquiti UniFi: Privilege Escalation Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/28/2024 Created 11/08/2024 Added 11/07/2024 Modified 11/07/2024 Description A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server. Solution(s) gentoo-linux-upgrade-net-wireless-unifi References https://attackerkb.com/topics/cve-2024-42028 CVE - 2024-42028 202411-03

Oracle Linux: CVE-2024-45802: ELSA-2024-9644: squid security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 11/23/2024 Added 11/21/2024 Modified 12/01/2024 Description Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10. A flaw was found in Squid. Due to input validation and resource management issues, a denial of service may be triggered during the processing of certain Edge Side Includes (ESI) response content. Solution(s) oracle-linux-upgrade-libecap oracle-linux-upgrade-libecap-devel oracle-linux-upgrade-squid oracle-linux-upgrade-squid-migration-script oracle-linux-upgrade-squid-sysvinit References https://attackerkb.com/topics/cve-2024-45802 CVE - 2024-45802 ELSA-2024-9644 ELSA-2024-9738 ELSA-2024-9625

Red Hat: CVE-2024-44296: webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (Multiple Advisories) Severity 4 CVSS (AV:N/AC:H/Au:N/C:P/I:P/A:N) Published 10/28/2024 Created 11/28/2024 Added 11/27/2024 Modified 11/27/2024 Description The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2024-44296 RHSA-2024:9545 RHSA-2024:9553 RHSA-2024:9636

OS X update for CUPS (CVE-2024-44213) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker in a privileged network position may be able to leak sensitive user information. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44213 CVE - 2024-44213 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for PackageKit (CVE-2024-44275) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44275 CVE - 2024-44275 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

Huawei EulerOS: CVE-2024-49761: ruby security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 01/15/2025 Added 01/14/2025 Modified 01/28/2025 Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. Solution(s) huawei-euleros-2_0_sp10-upgrade-ruby huawei-euleros-2_0_sp10-upgrade-ruby-help huawei-euleros-2_0_sp10-upgrade-ruby-irb References https://attackerkb.com/topics/cve-2024-49761 CVE - 2024-49761 EulerOS-SA-2025-1031

OS X update for sips (CVE-2024-44237) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44237 CVE - 2024-44237 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for WebKit (CVE-2024-44244) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash. Solution(s) apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44244 CVE - 2024-44244 https://support.apple.com/en-us/121564

OS X update for Game Controllers (CVE-2024-44265) Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:P/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker with physical access can input Game Controller events to apps running on a locked device. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44265 CVE - 2024-44265 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

FreeBSD: VID-F07C8F87-8E65-11EF-81B8-659BF0027D16: forgejo -- multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 10/31/2024 Description Problem Description: Forgejo generates a token which is used to authenticate web endpoints that are only meant to be used internally, for instance when the SSH daemon is used to push a commit with Git.The verification of this token was not done in constant time and was susceptible to timing attacks.A pre-condition for such an attack is the precise measurements of the time for each operation.Since it requires observing the timing of network operations, the issue is mitigated when a Forgejo instance is accessed over the internet because the ISP introduce unpredictable random delays. Because of a missing permission check, the branch used to propose a pull request to a repository can always be deleted by the user performing the merge.It was fixed so that such a deletion is only allowed if the user performing the merge has write permission to the repository from which the pull request was made. Solution(s) freebsd-upgrade-package-forgejo freebsd-upgrade-package-forgejo7

Huawei EulerOS: CVE-2024-50067: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/28/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, arrays can be very large, but the size of percpu buffer is only page size. And store_trace_args() won't check whether these data exceeds a single page or not, caused out-of-bounds memory access. It could be reproduced by following steps: 1. build kernel with CONFIG_KASAN enabled 2. save follow program as test.c ``` \#include <stdio.h> \#include <stdlib.h> \#include <string.h> // If string length large than MAX_STRING_SIZE, the fetch_store_strlen() // will return 0, cause __get_data_size() return shorter size, and // store_trace_args() will not trigger out-of-bounds access. // So make string length less than 4096. \#define STRLEN 4093 void generate_string(char *str, int n) { int i; for (i = 0; i < n; ++i) { char c = i % 26 + 'a'; str[i] = c; } str[n-1] = '\0'; } void print_string(char *str) { printf("%s\n", str); } int main() { char tmp[STRLEN]; generate_string(tmp, STRLEN); print_string(tmp); return 0; } ``` 3. compile program `gcc -o test test.c` 4. get the offset of `print_string()` ``` objdump -t test | grep -w print_string 0000000000401199 g F .text000000000000001bprint_string ``` 5. configure uprobe with offset 0x1199 ``` off=0x1199 cd /sys/kernel/debug/tracing/ echo "p /root/test:${off} arg1=+0(%di):ustring arg2=\$comm arg3=+0(%di):ustring" > uprobe_events echo 1 > events/uprobes/enable echo 1 > tracing_on ``` 6. run `test`, and kasan will report error. ================================================================== BUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0 Write of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18 Hardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x55/0x70 print_address_description.constprop.0+0x27/0x310 kasan_report+0x10f/0x120 ? strncpy_from_user+0x1d6/0x1f0 strncpy_from_user+0x1d6/0x1f0 ? rmqueue.constprop.0+0x70d/0x2ad0 process_fetch_insn+0xb26/0x1470 ? __pfx_process_fetch_insn+0x10/0x10 ? _raw_spin_lock+0x85/0xe0 ? __pfx__raw_spin_lock+0x10/0x10 ? __pte_offset_map+0x1f/0x2d0 ? unwind_next_frame+0xc5f/0x1f80 ? arch_stack_walk+0x68/0xf0 ? is_bpf_text_address+0x23/0x30 ? kernel_text_address.part.0+0xbb/0xd0 ? __kernel_text_address+0x66/0xb0 ? unwind_get_return_address+0x5e/0xa0 ? __pfx_stack_trace_consume_entry+0x10/0x10 ? arch_stack_walk+0xa2/0xf0 ? _raw_spin_lock_irqsave+0x8b/0xf0 ? __pfx__raw_spin_lock_irqsave+0x10/0x10 ? depot_alloc_stack+0x4c/0x1f0 ? _raw_spin_unlock_irqrestore+0xe/0x30 ? stack_depot_save_flags+0x35d/0x4f0 ? kasan_save_stack+0x34/0x50 ? kasan_save_stack+0x24/0x50 ? mutex_lock+0x91/0xe0 ? __pfx_mutex_lock+0x10/0x10 prepare_uprobe_buffer.part.0+0x2cd/0x500 uprobe_dispatcher+0x2c3/0x6a0 ? __pfx_uprobe_dispatcher+0x10/0x10 ? __kasan_slab_alloc+0x4d/0x90 handler_chain+0xdd/0x3e0 handle_swbp+0x26e/0x3d0 ? __pfx_handle_swbp+0x10/0x10 ? uprobe_pre_sstep_notifier+0x151/0x1b0 irqentry_exit_to_user_mode+0xe2/0x1b0 asm_exc_int3+0x39/0x40 RIP: 0033:0x401199 Code: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce RSP: 002b:00007ffdf00576a8 EFLAGS: 00000206 RAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2 RDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0 RBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20 R10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040 R13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000 </TASK> This commit enforces the buffer's maxlen less than a page-size to avoid store_trace_args() out-of-memory access. Solution(s) huawei-euleros-2_0_sp12-upgrade-bpftool huawei-euleros-2_0_sp12-upgrade-kernel huawei-euleros-2_0_sp12-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp12-upgrade-kernel-tools huawei-euleros-2_0_sp12-upgrade-kernel-tools-libs huawei-euleros-2_0_sp12-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-50067 CVE - 2024-50067 EulerOS-SA-2025-1192

VMware Photon OS: CVE-2024-45802 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-45802 CVE - 2024-45802

Amazon Linux 2023: CVE-2024-50067: Important priority package update for kernel Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:P/A:C) Published 10/28/2024 Created 02/05/2025 Added 02/14/2025 Modified 02/14/2025 Description In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, arrays can be very large, but the size of percpu buffer is only page size. And store_trace_args() won&apos;t check whether these data exceeds a single page or not, caused out-of-bounds memory access. It could be reproduced by following steps: 1. build kernel with CONFIG_KASAN enabled 2. save follow program as test.c ``` \#include &lt;stdio.h&gt; \#include &lt;stdlib.h&gt; \#include &lt;string.h&gt; // If string length large than MAX_STRING_SIZE, the fetch_store_strlen() // will return 0, cause __get_data_size() return shorter size, and // store_trace_args() will not trigger out-of-bounds access. // So make string length less than 4096. \#define STRLEN 4093 void generate_string(char *str, int n) { int i; for (i = 0; i &lt; n; ++i) { char c = i % 26 + &apos;a&apos;; str[i] = c; } str[n-1] = &apos;\0&apos;; } void print_string(char *str) { printf(&quot;%s\n&quot;, str); } int main() { char tmp[STRLEN]; generate_string(tmp, STRLEN); print_string(tmp); return 0; } ``` 3. compile program `gcc -o test test.c` 4. get the offset of `print_string()` ``` objdump -t test | grep -w print_string 0000000000401199 g F .text000000000000001bprint_string ``` 5. configure uprobe with offset 0x1199 ``` off=0x1199 cd /sys/kernel/debug/tracing/ echo &quot;p /root/test:${off} arg1=+0(%di):ustring arg2=\$comm arg3=+0(%di):ustring&quot; &gt; uprobe_events echo 1 &gt; events/uprobes/enable echo 1 &gt; tracing_on ``` 6. run `test`, and kasan will report error. ================================================================== BUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0 Write of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18 Hardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014 Call Trace: &lt;TASK&gt; dump_stack_lvl+0x55/0x70 print_address_description.constprop.0+0x27/0x310 kasan_report+0x10f/0x120 ? strncpy_from_user+0x1d6/0x1f0 strncpy_from_user+0x1d6/0x1f0 ? rmqueue.constprop.0+0x70d/0x2ad0 process_fetch_insn+0xb26/0x1470 ? __pfx_process_fetch_insn+0x10/0x10 ? _raw_spin_lock+0x85/0xe0 ? __pfx__raw_spin_lock+0x10/0x10 ? __pte_offset_map+0x1f/0x2d0 ? unwind_next_frame+0xc5f/0x1f80 ? arch_stack_walk+0x68/0xf0 ? is_bpf_text_address+0x23/0x30 ? kernel_text_address.part.0+0xbb/0xd0 ? __kernel_text_address+0x66/0xb0 ? unwind_get_return_address+0x5e/0xa0 ? __pfx_stack_trace_consume_entry+0x10/0x10 ? arch_stack_walk+0xa2/0xf0 ? _raw_spin_lock_irqsave+0x8b/0xf0 ? __pfx__raw_spin_lock_irqsave+0x10/0x10 ? depot_alloc_stack+0x4c/0x1f0 ? _raw_spin_unlock_irqrestore+0xe/0x30 ? stack_depot_save_flags+0x35d/0x4f0 ? kasan_save_stack+0x34/0x50 ? kasan_save_stack+0x24/0x50 ? mutex_lock+0x91/0xe0 ? __pfx_mutex_lock+0x10/0x10 prepare_uprobe_buffer.part.0+0x2cd/0x500 uprobe_dispatcher+0x2c3/0x6a0 ? __pfx_uprobe_dispatcher+0x10/0x10 ? __kasan_slab_alloc+0x4d/0x90 handler_chain+0xdd/0x3e0 handle_swbp+0x26e/0x3d0 ? __pfx_handle_swbp+0x10/0x10 ? uprobe_pre_sstep_notifier+0x151/0x1b0 irqentry_exit_to_user_mode+0xe2/0x1b0 asm_exc_int3+0x39/0x40 RIP: 0033:0x401199 Code: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce RSP: 002b:00007ffdf00576a8 EFLAGS: 00000206 RAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2 RDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0 RBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20 R10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040 R13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000 &lt;/TASK&gt; This commit enforces the buffer&apos;s maxlen less than a page-size to avoid store_trace_args() out-of-memory access. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-119-129-201 amazon-linux-2023-upgrade-kernel-modules-extra amazon-linux-2023-upgrade-kernel-modules-extra-common amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-50067 CVE - 2024-50067 https://alas.aws.amazon.com/AL2023/ALAS-2025-802.html

Alma Linux: CVE-2024-44296: Important: webkit2gtk3 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/28/2024 Created 11/19/2024 Added 11/18/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Solution(s) alma-upgrade-webkit2gtk3 alma-upgrade-webkit2gtk3-devel alma-upgrade-webkit2gtk3-jsc alma-upgrade-webkit2gtk3-jsc-devel References https://attackerkb.com/topics/cve-2024-44296 CVE - 2024-44296 https://errata.almalinux.org/8/ALSA-2024-9636.html https://errata.almalinux.org/9/ALSA-2024-9553.html

Rocky Linux: CVE-2024-44296: webkit2gtk3 (RLSA-2024-9636) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/28/2024 Created 11/21/2024 Added 11/20/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Solution(s) rocky-upgrade-webkit2gtk3 rocky-upgrade-webkit2gtk3-debuginfo rocky-upgrade-webkit2gtk3-debugsource rocky-upgrade-webkit2gtk3-devel rocky-upgrade-webkit2gtk3-devel-debuginfo rocky-upgrade-webkit2gtk3-jsc rocky-upgrade-webkit2gtk3-jsc-debuginfo rocky-upgrade-webkit2gtk3-jsc-devel rocky-upgrade-webkit2gtk3-jsc-devel-debuginfo References https://attackerkb.com/topics/cve-2024-44296 CVE - 2024-44296 https://errata.rockylinux.org/RLSA-2024:9636

OS X update for Sidecar (CVE-2024-44145) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44145 CVE - 2024-44145 https://support.apple.com/en-us/121238

OS X update for sips (CVE-2024-44236) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44236 CVE - 2024-44236 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for PackageKit (CVE-2024-44301) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44301 CVE - 2024-44301 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for Foundation (CVE-2024-44282) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Parsing a file may lead to disclosure of user information. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44282 CVE - 2024-44282 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for WindowServer (CVE-2024-44257) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access sensitive user data. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44257 CVE - 2024-44257 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for LaunchServices (CVE-2024-44122) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An application may be able to break out of its sandbox. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44122 CVE - 2024-44122 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570