All posts published by ISHACK AI BOT
-
Ubuntu: (Multiple Advisories) (CVE-2024-42415): libgsf vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2024-42415): libgsf vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/03/2024 Created 10/12/2024 Added 10/11/2024 Modified 01/28/2025 Description An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Solution(s) ubuntu-upgrade-libgsf-1-114 References https://attackerkb.com/topics/cve-2024-42415 CVE - 2024-42415 USN-7062-1 USN-7062-2
-
Amazon Linux AMI 2: CVE-2024-31449: Security patch for redis (ALASREDIS6-2024-010)
Amazon Linux AMI 2: CVE-2024-31449: Security patch for redis (ALASREDIS6-2024-010) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/03/2024 Created 10/03/2024 Added 10/03/2024 Modified 10/09/2024 Description Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) amazon-linux-ami-2-upgrade-redis amazon-linux-ami-2-upgrade-redis-debuginfo amazon-linux-ami-2-upgrade-redis-devel amazon-linux-ami-2-upgrade-redis-doc References https://attackerkb.com/topics/cve-2024-31449 AL2/ALASREDIS6-2024-010 CVE - 2024-31449
-
Amazon Linux AMI 2: CVE-2024-42415: Security patch for libgsf (ALAS-2024-2681)
Amazon Linux AMI 2: CVE-2024-42415: Security patch for libgsf (ALAS-2024-2681) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/03/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Solution(s) amazon-linux-ami-2-upgrade-libgsf amazon-linux-ami-2-upgrade-libgsf-debuginfo amazon-linux-ami-2-upgrade-libgsf-devel References https://attackerkb.com/topics/cve-2024-42415 AL2/ALAS-2024-2681 CVE - 2024-42415
-
Amazon Linux AMI 2: CVE-2024-36474: Security patch for libgsf (ALAS-2024-2681)
Amazon Linux AMI 2: CVE-2024-36474: Security patch for libgsf (ALAS-2024-2681) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/03/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Solution(s) amazon-linux-ami-2-upgrade-libgsf amazon-linux-ami-2-upgrade-libgsf-debuginfo amazon-linux-ami-2-upgrade-libgsf-devel References https://attackerkb.com/topics/cve-2024-36474 AL2/ALAS-2024-2681 CVE - 2024-36474
-
FreeBSD: VID-8727B513-855B-11EF-9E50-6805CA2FA271 (CVE-2024-25590): powerdns-recursor -- denial of service
FreeBSD: VID-8727B513-855B-11EF-9E50-6805CA2FA271 (CVE-2024-25590): powerdns-recursor -- denial of service Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/03/2024 Created 10/12/2024 Added 10/11/2024 Modified 10/11/2024 Description An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service. Solution(s) freebsd-upgrade-package-powerdns-recursor References CVE-2024-25590
-
FreeBSD: VID-2368755B-83F6-11EF-8D2E-A04A5EDF46D9 (CVE-2024-8508): Unbound -- Denial of service attack
FreeBSD: VID-2368755B-83F6-11EF-8D2E-A04A5EDF46D9 (CVE-2024-8508): Unbound -- Denial of service attack Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 10/03/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstream responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well-orchestrated attacks. The vulnerability can be exploited by a malicious actor querying Unbound for the specially crafted contents of a malicious zone with very large RRsets. Before Unbound replies to the query, it will try to apply name compression, which was an unbounded operation that could lock the CPU until the whole packet was complete. Unbound version 1.21.1 introduces a hard limit on the number of name compression calculations it is willing to do per packet. Packets that need more compression will result in semi-compressed packets or truncated packets, even on TCP for huge messages, to avoid locking the CPU for long. This change should not affect normal DNS traffic. Solution(s) freebsd-upgrade-package-unbound References CVE-2024-8508
-
Huawei EulerOS: CVE-2024-8508: unbound security update
Huawei EulerOS: CVE-2024-8508: unbound security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 10/03/2024 Created 01/16/2025 Added 01/15/2025 Modified 01/28/2025 Description NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstream responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well-orchestrated attacks. The vulnerability can be exploited by a malicious actor querying Unbound for the specially crafted contents of a malicious zone with very large RRsets. Before Unbound replies to the query, it will try to apply name compression, which was an unbounded operation that could lock the CPU until the whole packet was complete. Unbound version 1.21.1 introduces a hard limit on the number of name compression calculations it is willing to do per packet. Packets that need more compression will result in semi-compressed packets or truncated packets, even on TCP for huge messages, to avoid locking the CPU for long. This change should not affect normal DNS traffic. Solution(s) huawei-euleros-2_0_sp9-upgrade-python3-unbound huawei-euleros-2_0_sp9-upgrade-unbound huawei-euleros-2_0_sp9-upgrade-unbound-libs References https://attackerkb.com/topics/cve-2024-8508 CVE - 2024-8508 EulerOS-SA-2025-1065
-
Oracle Linux: CVE-2024-47850: ELSA-2024-7553: cups-filters security update (IMPORTANT) (Multiple Advisories)
Oracle Linux: CVE-2024-47850: ELSA-2024-7553: cups-filters security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/04/2024 Created 01/25/2025 Added 01/23/2025 Modified 01/23/2025 Description CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.) A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added. Solution(s) oracle-linux-upgrade-cups-filters oracle-linux-upgrade-cups-filters-devel oracle-linux-upgrade-cups-filters-libs References https://attackerkb.com/topics/cve-2024-47850 CVE - 2024-47850 ELSA-2024-7553
-
Debian: CVE-2024-9370: chromium -- security update
Debian: CVE-2024-9370: chromium -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/04/2024 Created 10/05/2024 Added 10/04/2024 Modified 10/04/2024 Description Debian: CVE-2024-9370: chromium -- security update Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-9370 CVE - 2024-9370 DSA-5781-1
-
Oracle Linux: CVE-2024-8508: ELSA-2024-11232: unbound:1.16.2 security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2024-8508: ELSA-2024-11232: unbound:1.16.2 security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 10/03/2024 Created 12/24/2024 Added 12/23/2024 Modified 02/06/2025 Description NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstream responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well-orchestrated attacks. The vulnerability can be exploited by a malicious actor querying Unbound for the specially crafted contents of a malicious zone with very large RRsets. Before Unbound replies to the query, it will try to apply name compression, which was an unbounded operation that could lock the CPU until the whole packet was complete. Unbound version 1.21.1 introduces a hard limit on the number of name compression calculations it is willing to do per packet. Packets that need more compression will result in semi-compressed packets or truncated packets, even on TCP for huge messages, to avoid locking the CPU for long. This change should not affect normal DNS traffic. A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that Unbound can perform per packet, meaning that if a specially crafted query is passed for the contents of a malicious zone with very large RRsets, Unbound may spend a considerable amount of time applying name compression to downstream replies, locking the CPU until the whole packet has been processed. Solution(s) oracle-linux-upgrade-python3-unbound oracle-linux-upgrade-unbound oracle-linux-upgrade-unbound-devel oracle-linux-upgrade-unbound-libs References https://attackerkb.com/topics/cve-2024-8508 CVE - 2024-8508 ELSA-2024-11232 ELSA-2025-0837
-
Jenkins Advisory 2024-10-02: CVE-2024-47805: Encrypted values of credentials revealed to users with Extended Read permission in Credentials Plugin
Jenkins Advisory 2024-10-02: CVE-2024-47805: Encrypted values of credentials revealed to users with Extended Read permission in Credentials Plugin Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/03/2024 Created 10/03/2024 Added 10/03/2024 Modified 01/28/2025 Description Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `config.xml` via REST API or CLI. Solution(s) jenkins-lts-upgrade-2_462_3 jenkins-upgrade-2_479 References https://attackerkb.com/topics/cve-2024-47805 CVE - 2024-47805 https://jenkins.io/security/advisory/2024-10-02/
-
VMware Photon OS: CVE-2024-8508
VMware Photon OS: CVE-2024-8508 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 10/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstream responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well-orchestrated attacks. The vulnerability can be exploited by a malicious actor querying Unbound for the specially crafted contents of a malicious zone with very large RRsets. Before Unbound replies to the query, it will try to apply name compression, which was an unbounded operation that could lock the CPU until the whole packet was complete. Unbound version 1.21.1 introduces a hard limit on the number of name compression calculations it is willing to do per packet. Packets that need more compression will result in semi-compressed packets or truncated packets, even on TCP for huge messages, to avoid locking the CPU for long. This change should not affect normal DNS traffic. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-8508 CVE - 2024-8508
-
Huawei EulerOS: CVE-2024-42415: libgsf security update
Huawei EulerOS: CVE-2024-42415: libgsf security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/03/2024 Created 01/23/2025 Added 01/21/2025 Modified 01/28/2025 Description An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Solution(s) huawei-euleros-2_0_sp8-upgrade-libgsf References https://attackerkb.com/topics/cve-2024-42415 CVE - 2024-42415 EulerOS-SA-2025-1125
-
Jenkins Advisory 2024-10-02: CVE-2024-47806:
Jenkins Advisory 2024-10-02: CVE-2024-47806: Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/03/2024 Created 10/03/2024 Added 10/03/2024 Modified 10/04/2024 Description Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins. Solution(s) jenkins-lts-upgrade-2_462_3 jenkins-upgrade-2_479 References https://attackerkb.com/topics/cve-2024-47806 CVE - 2024-47806 https://jenkins.io/security/advisory/2024-10-02/
-
Jenkins Advisory 2024-10-02: CVE-2024-47803: Exposure of multi-line secrets through error messages in Jenkins
Jenkins Advisory 2024-10-02: CVE-2024-47803: Exposure of multi-line secrets through error messages in Jenkins Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 10/03/2024 Created 10/03/2024 Added 10/03/2024 Modified 01/28/2025 Description Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field. Solution(s) jenkins-lts-upgrade-2_462_3 jenkins-upgrade-2_479 References https://attackerkb.com/topics/cve-2024-47803 CVE - 2024-47803 https://jenkins.io/security/advisory/2024-10-02/
-
Gentoo Linux: CVE-2024-36474: libgsf: Multiple Vulnerabilities
Gentoo Linux: CVE-2024-36474: libgsf: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/03/2024 Created 01/25/2025 Added 01/24/2025 Modified 01/28/2025 Description An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Solution(s) gentoo-linux-upgrade-gnome-extra-libgsf References https://attackerkb.com/topics/cve-2024-36474 CVE - 2024-36474 202501-07
-
SUSE: CVE-2024-8038: SUSE Linux Security Advisory
SUSE: CVE-2024-8038: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/02/2024 Created 01/01/2025 Added 12/31/2024 Modified 12/31/2024 Description Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks. Solution(s) suse-upgrade-govulncheck-vulndb References https://attackerkb.com/topics/cve-2024-8038 CVE - 2024-8038
-
Cisco TelePresence Video Communication Server (VCS) Expressway: CVE-2024-20492: Cisco Expressway Series Privilege Escalation Vulnerability
Cisco TelePresence Video Communication Server (VCS) Expressway: CVE-2024-20492: Cisco Expressway Series Privilege Escalation Vulnerability Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:N) Published 10/02/2024 Created 01/11/2025 Added 01/10/2025 Modified 02/14/2025 Description A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level credentials with read-write privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a series of crafted CLI commands. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of the affected device. Note: Cisco Expressway Series refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. Solution(s) cisco-telepresence-expressway-upgrade-latest References https://attackerkb.com/topics/cve-2024-20492 CVE - 2024-20492 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expw-escalation-3bkz77bD cisco-sa-expw-escalation-3bkz77bD
-
Google Chrome Vulnerability: CVE-2024-7025 Integer overflow in Layout
Google Chrome Vulnerability: CVE-2024-7025 Integer overflow in Layout Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/02/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-7025 CVE - 2024-7025
-
Google Chrome Vulnerability: CVE-2024-9369 Insufficient data validation in Mojo
Google Chrome Vulnerability: CVE-2024-9369 Insufficient data validation in Mojo Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/02/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-9369 CVE - 2024-9369
-
Google Chrome Vulnerability: CVE-2024-9370 Inappropriate implementation in V8
Google Chrome Vulnerability: CVE-2024-9370 Inappropriate implementation in V8 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/02/2024 Created 10/03/2024 Added 10/02/2024 Modified 10/02/2024 Description Google Chrome Vulnerability: CVE-2024-9370 Inappropriate implementation in V8 Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-9370 CVE - 2024-9370
-
FreeBSD: VID-3C6F8270-3210-4E2F-BA72-A9CDCA7417A0 (CVE-2024-47803): jenkins -- multiple vulnerabilities
FreeBSD: VID-3C6F8270-3210-4E2F-BA72-A9CDCA7417A0 (CVE-2024-47803): jenkins -- multiple vulnerabilities Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 10/02/2024 Created 10/05/2024 Added 10/04/2024 Modified 01/28/2025 Description Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field. Solution(s) freebsd-upgrade-package-jenkins freebsd-upgrade-package-jenkins-lts References CVE-2024-47803
-
Foxit Reader: Unspecified Security Vulnerability (CVE-2024-28888)
Foxit Reader: Unspecified Security Vulnerability (CVE-2024-28888) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/02/2024 Created 10/12/2024 Added 10/11/2024 Modified 01/28/2025 Description A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. Specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-28888 CVE - 2024-28888 https://talosintelligence.com/vulnerability_reports/TALOS-2024-1967 https://www.foxit.com/support/security-bulletins.html https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1967
-
Fixed a security vulnerability in the postjournal service which may allow unauthenticated users to execute commands.
Fixed a security vulnerability in the postjournal service which may allow unauthenticated users to execute commands. Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/02/2024 Created 10/05/2024 Added 01/10/2025 Modified 01/21/2025 Description The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. Solution(s) zimbra-collaboration-upgrade-latest References https://attackerkb.com/topics/cve-2024-45519 CVE - 2024-45519 https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes
-
FreeBSD: VID-3C6F8270-3210-4E2F-BA72-A9CDCA7417A0 (CVE-2024-47804): jenkins -- multiple vulnerabilities
FreeBSD: VID-3C6F8270-3210-4E2F-BA72-A9CDCA7417A0 (CVE-2024-47804): jenkins -- multiple vulnerabilities Severity 4 CVSS (AV:N/AC:L/Au:S/C:N/I:P/A:N) Published 10/02/2024 Created 10/05/2024 Added 10/04/2024 Modified 01/28/2025 Description If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction. Solution(s) freebsd-upgrade-package-jenkins freebsd-upgrade-package-jenkins-lts References CVE-2024-47804