ISHACK AI BOT

Debian: CVE-2022-49027: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/23/2024 Created 10/24/2024 Added 10/23/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavf_init_module() The iavf_init_module() won't destroy workqueue when pci_register_driver() failed. Call destroy_workqueue() when pci_register_driver() failed to prevent the resource leak. Similar to the handling of u132_hcd_init in commit f276e002793c ("usb: u132-hcd: fix resource leak") Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-49027 CVE - 2022-49027

Debian: CVE-2022-48969: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/23/2024 Created 10/24/2024 Added 10/23/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with source host is destroyed before live migration and new sring with target host is setup after live migration. The NAPI for the old sring is not deleted until setup new sring with target host after migration. With busy_poll/busy_read enabled, the NAPI can be polled before got deleted when resume VM. BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 IP: xennet_poll+0xae/0xd20 PGD 0 P4D 0 Oops: 0000 [#1] SMP PTI Call Trace: finish_task_switch+0x71/0x230 timerqueue_del+0x1d/0x40 hrtimer_try_to_cancel+0xb5/0x110 xennet_alloc_rx_buffers+0x2a0/0x2a0 napi_busy_loop+0xdb/0x270 sock_poll+0x87/0x90 do_sys_poll+0x26f/0x580 tracing_map_insert+0x1d4/0x2f0 event_hist_trigger+0x14a/0x260 finish_task_switch+0x71/0x230 __schedule+0x256/0x890 recalc_sigpending+0x1b/0x50 xen_sched_clock+0x15/0x20 __rb_reserve_next+0x12d/0x140 ring_buffer_lock_reserve+0x123/0x3d0 event_triggers_call+0x87/0xb0 trace_event_buffer_commit+0x1c4/0x210 xen_clocksource_get_cycles+0x15/0x20 ktime_get_ts64+0x51/0xf0 SyS_ppoll+0x160/0x1a0 SyS_ppoll+0x160/0x1a0 do_syscall_64+0x73/0x130 entry_SYSCALL_64_after_hwframe+0x41/0xa6 ... RIP: xennet_poll+0xae/0xd20 RSP: ffffb4f041933900 CR2: 0000000000000008 ---[ end trace f8601785b354351c ]--- xen frontend should remove the NAPIs for the old srings before live migration as the bond srings are destroyed There is a tiny window between the srings are set to NULL and the NAPIs are disabled, It is safe as the NAPI threads are still frozen at that time Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-48969 CVE - 2022-48969

Debian: CVE-2022-48971: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/23/2024 Created 10/24/2024 Added 10/23/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix not cleanup led when bt_init fails bt_init() calls bt_leds_init() to register led, but if it fails later, bt_leds_cleanup() is not called to unregister it. This can cause panic if the argument "bluetooth-power" in text is freed and then another led_trigger_register() tries to access it: BUG: unable to handle page fault for address: ffffffffc06d3bc0 RIP: 0010:strcmp+0xc/0x30 Call Trace: <TASK> led_trigger_register+0x10d/0x4f0 led_trigger_register_simple+0x7d/0x100 bt_init+0x39/0xf7 [bluetooth] do_one_initcall+0xd0/0x4e0 Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-48971 CVE - 2022-48971

Debian: CVE-2022-48978: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/23/2024 Created 10/24/2024 Added 10/23/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: HID: core: fix shift-out-of-bounds in hid_report_raw_event Syzbot reported shift-out-of-bounds in hid_report_raw_event. microsoft 0003:045E:07DA.0001: hid_field_extract() called with n (128) > 32! (swapper/0) ====================================================================== UBSAN: shift-out-of-bounds in drivers/hid/hid-core.c:1323:20 shift exponent 127 is too large for 32-bit type 'int' CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.0-rc4-syzkaller-00159-g4bbf3422df78 #0 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106 ubsan_epilogue lib/ubsan.c:151 [inline] __ubsan_handle_shift_out_of_bounds+0x3a6/0x420 lib/ubsan.c:322 snto32 drivers/hid/hid-core.c:1323 [inline] hid_input_fetch_field drivers/hid/hid-core.c:1572 [inline] hid_process_report drivers/hid/hid-core.c:1665 [inline] hid_report_raw_event+0xd56/0x18b0 drivers/hid/hid-core.c:1998 hid_input_report+0x408/0x4f0 drivers/hid/hid-core.c:2066 hid_irq_in+0x459/0x690 drivers/hid/usbhid/hid-core.c:284 __usb_hcd_giveback_urb+0x369/0x530 drivers/usb/core/hcd.c:1671 dummy_timer+0x86b/0x3110 drivers/usb/gadget/udc/dummy_hcd.c:1988 call_timer_fn+0xf5/0x210 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers+0x76a/0x980 kernel/time/timer.c:1790 run_timer_softirq+0x63/0xf0 kernel/time/timer.c:1803 __do_softirq+0x277/0x75b kernel/softirq.c:571 __irq_exit_rcu+0xec/0x170 kernel/softirq.c:650 irq_exit_rcu+0x5/0x20 kernel/softirq.c:662 sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1107 ====================================================================== If the size of the integer (unsigned n) is bigger than 32 in snto32(), shift exponent will be too large for 32-bit type 'int', resulting in a shift-out-of-bounds bug. Fix this by adding a check on the size of the integer (unsigned n) in snto32(). To add support for n greater than 32 bits, set n to 32, if n is greater than 32. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-48978 CVE - 2022-48978

Debian: CVE-2022-48979: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/23/2024 Created 10/24/2024 Added 10/23/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix array index out of bound error in DCN32 DML [Why&How] LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. Fix the error by changing the array declaration to use the correct (larger) array size of total number of voltage states. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-48979 CVE - 2022-48979

Debian: CVE-2022-48987: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/23/2024 Created 10/24/2024 Added 10/23/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2_bt_timings blanking fields in order to avoid integer overflows when userspace passes weird values. But that assumed that userspace would correctly fill in the front porch, backporch and sync values, but sometimes all you know is the total blanking, which is then assigned to just one of these fields. And that can fail with these checks. So instead set a maximum for the total horizontal and vertical blanking and check that each field remains below that. That is still sufficient to avoid integer overflows, but it also allows for more flexibility in how userspace fills in these fields. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-48987 CVE - 2022-48987

Red Hat: CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:S/C:C/I:N/A:N) Published 10/23/2024 Created 11/28/2024 Added 11/27/2024 Modified 02/10/2025 Description A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. Solution(s) redhat-upgrade-pam redhat-upgrade-pam-debuginfo redhat-upgrade-pam-debugsource redhat-upgrade-pam-devel redhat-upgrade-pam-docs References CVE-2024-10041 RHSA-2024:10379 RHSA-2024:11250 RHSA-2024:9941

Cisco FTD: CVE-2024-20339: Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2024 Created 02/07/2025 Added 01/29/2025 Modified 02/12/2025 Description A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device. Solution(s) cisco-ftd-upgrade-latest References https://attackerkb.com/topics/cve-2024-20339 CVE - 2024-20339 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy cisco-sa-ftd-tls-dos-QXYE5Ufy

Red Hat: CVE-2024-9287: python: Virtual environment (venv) activation scripts don't quote paths (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:M/C:P/I:C/A:N) Published 10/22/2024 Created 01/16/2025 Added 01/15/2025 Modified 02/12/2025 Description A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. Solution(s) redhat-upgrade-platform-python redhat-upgrade-platform-python-debug redhat-upgrade-platform-python-devel redhat-upgrade-python-unversioned-command redhat-upgrade-python3 redhat-upgrade-python3-11 redhat-upgrade-python3-11-debug redhat-upgrade-python3-11-debuginfo redhat-upgrade-python3-11-debugsource redhat-upgrade-python3-11-devel redhat-upgrade-python3-11-idle redhat-upgrade-python3-11-libs redhat-upgrade-python3-11-rpm-macros redhat-upgrade-python3-11-test redhat-upgrade-python3-11-tkinter redhat-upgrade-python3-12 redhat-upgrade-python3-12-debug redhat-upgrade-python3-12-debuginfo redhat-upgrade-python3-12-debugsource redhat-upgrade-python3-12-devel redhat-upgrade-python3-12-idle redhat-upgrade-python3-12-libs redhat-upgrade-python3-12-rpm-macros redhat-upgrade-python3-12-test redhat-upgrade-python3-12-tkinter redhat-upgrade-python3-9-debuginfo redhat-upgrade-python3-9-debugsource redhat-upgrade-python3-debug redhat-upgrade-python3-debuginfo redhat-upgrade-python3-debugsource redhat-upgrade-python3-devel redhat-upgrade-python3-idle redhat-upgrade-python3-libs redhat-upgrade-python3-test redhat-upgrade-python3-tkinter References CVE-2024-9287 RHSA-2024:10779 RHSA-2024:10978 RHSA-2024:10979 RHSA-2024:10980 RHSA-2024:10983 RHSA-2024:11024 RHSA-2024:11035 RHSA-2024:11111 RHSA-2025:0280 View more

Gentoo Linux: CVE-2024-10231: QtWebEngine: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/22/2024 Created 01/25/2025 Added 01/24/2025 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine References https://attackerkb.com/topics/cve-2024-10231 CVE - 2024-10231 202501-09

Debian: CVE-2024-10229: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 10/22/2024 Created 10/30/2024 Added 10/29/2024 Modified 01/28/2025 Description Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-10229 CVE - 2024-10229 DSA-5799-1

Debian: CVE-2023-52919: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/22/2024 Created 10/25/2024 Added 10/24/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix possible NULL pointer dereference in send_acknowledge() Handle memory allocation failure from nci_skb_alloc() (calling alloc_skb()) to avoid possible NULL pointer dereference. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-52919 CVE - 2023-52919

Red Hat JBossEAP: Cross-site Scripting (CVE-2024-10234) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:N) Published 10/22/2024 Created 12/24/2024 Added 12/20/2024 Modified 12/20/2024 Description A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.. A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2024-10234 CVE - 2024-10234 https://access.redhat.com/security/cve/CVE-2024-10234 https://bugzilla.redhat.com/show_bug.cgi?id=2320848

Microsoft Edge Chromium: CVE-2024-10231 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/22/2024 Created 10/26/2024 Added 10/25/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-10231 CVE - 2024-10231 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-10231

Debian: CVE-2024-10230: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/22/2024 Created 10/30/2024 Added 10/29/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-10230 CVE - 2024-10230 DSA-5799-1

Debian: CVE-2024-9287: Multiple Affected Packages Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/22/2024 Created 12/03/2024 Added 12/02/2024 Modified 02/12/2025 Description A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. Solution(s) debian-upgrade-pypy3 debian-upgrade-python2-7 debian-upgrade-python3-11 debian-upgrade-python3-9 References https://attackerkb.com/topics/cve-2024-9287 CVE - 2024-9287 DLA-3966-1

Huawei EulerOS: CVE-2024-9287: python3 security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/22/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/12/2025 Description A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. Solution(s) huawei-euleros-2_0_sp12-upgrade-python3 huawei-euleros-2_0_sp12-upgrade-python3-fgo huawei-euleros-2_0_sp12-upgrade-python3-unversioned-command References https://attackerkb.com/topics/cve-2024-9287 CVE - 2024-9287 EulerOS-SA-2025-1195

Gentoo Linux: CVE-2024-10230: QtWebEngine: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/22/2024 Created 01/25/2025 Added 01/24/2025 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) gentoo-linux-upgrade-dev-qt-qtwebengine References https://attackerkb.com/topics/cve-2024-10230 CVE - 2024-10230 202501-09

A Server-Side Request Forgery (SSRF) vulnerability that allowed unauthorized access to internal services has been addressed. Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 10/22/2024 Created 01/16/2025 Added 01/10/2025 Modified 01/21/2025 Description An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. It allows authenticated users to exploit Server-Side Request Forgery (SSRF) due to improper input sanitization and misconfigured domain whitelisting. This issue permits unauthorized HTTP requests to be sent to internal services, which can lead to Remote Code Execution (RCE) by chaining Command Injection within the internal service. When combined with existing XSS vulnerabilities, this SSRF issue can further facilitate Remote Code Execution (RCE). Solution(s) zimbra-collaboration-upgrade-latest References https://attackerkb.com/topics/cve-2024-45518 CVE - 2024-45518 https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes View more

Microsoft Edge Chromium: CVE-2024-10230 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/22/2024 Created 10/26/2024 Added 10/25/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-10230 CVE - 2024-10230 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-10230

FreeBSD: (Multiple Advisories) (CVE-2024-10229): electron31 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N) Published 10/22/2024 Created 10/29/2024 Added 10/27/2024 Modified 01/28/2025 Description Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron31 freebsd-upgrade-package-electron32 freebsd-upgrade-package-qt5-webengine freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2024-10229

Oracle Linux: CVE-2024-9050: ELSA-2024-8357:NetworkManager-libreswan security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/22/2024 Created 11/13/2024 Added 11/11/2024 Modified 01/07/2025 Description A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system&apos;s network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration. Solution(s) oracle-linux-upgrade-networkmanager-libreswan oracle-linux-upgrade-networkmanager-libreswan-gnome References https://attackerkb.com/topics/cve-2024-9050 CVE - 2024-9050 ELSA-2024-8357 ELSA-2024-8353 ELSA-2024-9555

FreeBSD: (Multiple Advisories) (CVE-2024-10231): electron31 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/22/2024 Created 10/29/2024 Added 10/27/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron31 freebsd-upgrade-package-electron32 freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2024-10231

Ubuntu: USN-7116-1 (CVE-2024-9287): Python vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/22/2024 Created 11/21/2024 Added 11/20/2024 Modified 02/12/2025 Description A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. Solution(s) ubuntu-upgrade-python3-10 ubuntu-upgrade-python3-10-minimal ubuntu-upgrade-python3-12 ubuntu-upgrade-python3-12-minimal ubuntu-upgrade-python3-8 ubuntu-upgrade-python3-8-minimal References https://attackerkb.com/topics/cve-2024-9287 CVE - 2024-9287 USN-7116-1

Debian: CVE-2024-50003: linux, linux-6.1 -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/21/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix system hang while resume with TBT monitor [Why] Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume. The TBT monitor HPD will be triggered during the resume procedure and call the drm_client_modeset_probe() while struct drm_connector connector->dev->master is NULL. It will mess up the pipe topology after resume. [How] Skip the TBT monitor HPD during the resume procedure because we currently will probe the connectors after resume by default. (cherry picked from commit 453f86a26945207a16b8f66aaed5962dc2b95b85) Solution(s) debian-upgrade-linux debian-upgrade-linux-6-1 References https://attackerkb.com/topics/cve-2024-50003 CVE - 2024-50003 DLA-4008-1