ISHACK AI BOT

Debian: CVE-2024-31145: xen -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/25/2024 Created 12/31/2024 Added 12/30/2024 Modified 12/30/2024 Description Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi.These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device.In the logic establishing these mappings, error handling was flawed, resulting in such mappings to potentially remain in place when they should have been removed again.Respective guests would then gain access to memory regions which they aren't supposed to have access to. Solution(s) debian-upgrade-xen References https://attackerkb.com/topics/cve-2024-31145 CVE - 2024-31145 DSA-5836-1

Google Chrome Vulnerability: CVE-2024-9120 Use after free in Dawn Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 09/26/2024 Added 09/25/2024 Modified 01/28/2025 Description Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-9120 CVE - 2024-9120

Google Chrome Vulnerability: CVE-2024-7019 Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/23/2024 Created 01/18/2025 Added 01/15/2025 Modified 01/28/2025 Description Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-7019 CVE - 2024-7019

Oracle Linux: CVE-2024-27838: ELSA-2024-8180:webkit2gtk3 security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/25/2024 Created 11/13/2024 Added 10/16/2024 Modified 01/16/2025 Description The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user. A flaw was found in WebKit. This vulnerability allows a maliciously crafted webpage to fingerprint the user. Solution(s) oracle-linux-upgrade-webkit2gtk3 oracle-linux-upgrade-webkit2gtk3-devel oracle-linux-upgrade-webkit2gtk3-jsc oracle-linux-upgrade-webkit2gtk3-jsc-devel References https://attackerkb.com/topics/cve-2024-27838 CVE - 2024-27838 ELSA-2024-8180 ELSA-2024-9636

Amazon Linux AMI 2: CVE-2024-47220: Security patch for ruby (ALAS-2024-2706) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/22/2024 Created 12/21/2024 Added 12/20/2024 Modified 12/20/2024 Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." Solution(s) amazon-linux-ami-2-upgrade-ruby amazon-linux-ami-2-upgrade-ruby-debuginfo amazon-linux-ami-2-upgrade-ruby-devel amazon-linux-ami-2-upgrade-ruby-doc amazon-linux-ami-2-upgrade-ruby-irb amazon-linux-ami-2-upgrade-ruby-libs amazon-linux-ami-2-upgrade-ruby-tcltk amazon-linux-ami-2-upgrade-rubygem-bigdecimal amazon-linux-ami-2-upgrade-rubygem-io-console amazon-linux-ami-2-upgrade-rubygem-json amazon-linux-ami-2-upgrade-rubygem-minitest amazon-linux-ami-2-upgrade-rubygem-psych amazon-linux-ami-2-upgrade-rubygem-rake amazon-linux-ami-2-upgrade-rubygem-rdoc amazon-linux-ami-2-upgrade-rubygems amazon-linux-ami-2-upgrade-rubygems-devel References https://attackerkb.com/topics/cve-2024-47220 AL2/ALAS-2024-2706 CVE - 2024-47220

Amazon Linux 2023: CVE-2024-47220: Important priority package update for ruby3.2 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/22/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." A flaw was found in the webrick toolkit. This issue occurs because the server incorrectly handles requests with both Content-Length and Transfer-Encoding headers. This can allow an attacker to sneak in an extra request such as GET /admin after the normal request POST /user. As a result, unauthorized users can access restricted areas like /admin by POST /user. Solution(s) amazon-linux-2023-upgrade-ruby3-2 amazon-linux-2023-upgrade-ruby3-2-bundled-gems amazon-linux-2023-upgrade-ruby3-2-bundled-gems-debuginfo amazon-linux-2023-upgrade-ruby3-2-debuginfo amazon-linux-2023-upgrade-ruby3-2-debugsource amazon-linux-2023-upgrade-ruby3-2-default-gems amazon-linux-2023-upgrade-ruby3-2-devel amazon-linux-2023-upgrade-ruby3-2-doc amazon-linux-2023-upgrade-ruby3-2-libs amazon-linux-2023-upgrade-ruby3-2-libs-debuginfo amazon-linux-2023-upgrade-ruby3-2-rubygem-bigdecimal amazon-linux-2023-upgrade-ruby3-2-rubygem-bigdecimal-debuginfo amazon-linux-2023-upgrade-ruby3-2-rubygem-bundler amazon-linux-2023-upgrade-ruby3-2-rubygem-io-console amazon-linux-2023-upgrade-ruby3-2-rubygem-io-console-debuginfo amazon-linux-2023-upgrade-ruby3-2-rubygem-irb amazon-linux-2023-upgrade-ruby3-2-rubygem-json amazon-linux-2023-upgrade-ruby3-2-rubygem-json-debuginfo amazon-linux-2023-upgrade-ruby3-2-rubygem-minitest amazon-linux-2023-upgrade-ruby3-2-rubygem-power-assert amazon-linux-2023-upgrade-ruby3-2-rubygem-psych amazon-linux-2023-upgrade-ruby3-2-rubygem-psych-debuginfo amazon-linux-2023-upgrade-ruby3-2-rubygem-rake amazon-linux-2023-upgrade-ruby3-2-rubygem-rbs amazon-linux-2023-upgrade-ruby3-2-rubygem-rbs-debuginfo amazon-linux-2023-upgrade-ruby3-2-rubygem-rdoc amazon-linux-2023-upgrade-ruby3-2-rubygem-rexml amazon-linux-2023-upgrade-ruby3-2-rubygem-rss amazon-linux-2023-upgrade-ruby3-2-rubygems amazon-linux-2023-upgrade-ruby3-2-rubygems-devel amazon-linux-2023-upgrade-ruby3-2-rubygem-test-unit amazon-linux-2023-upgrade-ruby3-2-rubygem-typeprof References https://attackerkb.com/topics/cve-2024-47220 CVE - 2024-47220 https://alas.aws.amazon.com/AL2023/ALAS-2024-743.html

Huawei EulerOS: CVE-2024-47220: ruby security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/22/2024 Created 01/15/2025 Added 01/14/2025 Modified 01/14/2025 Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." Solution(s) huawei-euleros-2_0_sp10-upgrade-ruby huawei-euleros-2_0_sp10-upgrade-ruby-help huawei-euleros-2_0_sp10-upgrade-ruby-irb References https://attackerkb.com/topics/cve-2024-47220 CVE - 2024-47220 EulerOS-SA-2025-1031

Microsoft Edge Chromium: CVE-2024-38221 Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/20/2024 Created 09/20/2024 Added 09/20/2024 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Spoofing Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-38221 CVE - 2024-38221 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38221

Ubuntu: (Multiple Advisories) (CVE-2024-47220): WEBrick vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/22/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/09/2024 Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." Solution(s) ubuntu-upgrade-ruby-webrick References https://attackerkb.com/topics/cve-2024-47220 CVE - 2024-47220 USN-7057-1 USN-7057-2

SUSE: CVE-2024-8612: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/20/2024 Created 01/01/2025 Added 12/31/2024 Modified 12/31/2024 Description A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak. Solution(s) suse-upgrade-qemu suse-upgrade-qemu-accel-qtest suse-upgrade-qemu-accel-tcg-x86 suse-upgrade-qemu-arm suse-upgrade-qemu-audio-alsa suse-upgrade-qemu-audio-dbus suse-upgrade-qemu-audio-jack suse-upgrade-qemu-audio-pa suse-upgrade-qemu-audio-pipewire suse-upgrade-qemu-audio-spice suse-upgrade-qemu-block-curl suse-upgrade-qemu-block-dmg suse-upgrade-qemu-block-gluster suse-upgrade-qemu-block-iscsi suse-upgrade-qemu-block-nfs suse-upgrade-qemu-block-rbd suse-upgrade-qemu-block-ssh suse-upgrade-qemu-chardev-baum suse-upgrade-qemu-chardev-spice suse-upgrade-qemu-doc suse-upgrade-qemu-extra suse-upgrade-qemu-guest-agent suse-upgrade-qemu-headless suse-upgrade-qemu-hw-display-qxl suse-upgrade-qemu-hw-display-virtio-gpu suse-upgrade-qemu-hw-display-virtio-gpu-pci suse-upgrade-qemu-hw-display-virtio-vga suse-upgrade-qemu-hw-s390x-virtio-gpu-ccw suse-upgrade-qemu-hw-usb-host suse-upgrade-qemu-hw-usb-redirect suse-upgrade-qemu-hw-usb-smartcard suse-upgrade-qemu-img suse-upgrade-qemu-ipxe suse-upgrade-qemu-ivshmem-tools suse-upgrade-qemu-ksm suse-upgrade-qemu-kvm suse-upgrade-qemu-lang suse-upgrade-qemu-linux-user suse-upgrade-qemu-microvm suse-upgrade-qemu-ppc suse-upgrade-qemu-pr-helper suse-upgrade-qemu-s390x suse-upgrade-qemu-seabios suse-upgrade-qemu-sgabios suse-upgrade-qemu-skiboot suse-upgrade-qemu-slof suse-upgrade-qemu-spice suse-upgrade-qemu-tools suse-upgrade-qemu-ui-curses suse-upgrade-qemu-ui-dbus suse-upgrade-qemu-ui-gtk suse-upgrade-qemu-ui-opengl suse-upgrade-qemu-ui-spice-app suse-upgrade-qemu-ui-spice-core suse-upgrade-qemu-vgabios suse-upgrade-qemu-vhost-user-gpu suse-upgrade-qemu-x86 References https://attackerkb.com/topics/cve-2024-8612 CVE - 2024-8612

Amazon Linux AMI 2: CVE-2024-45810: Security patch for ecs-service-connect-agent (ALASECS-2024-045) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/20/2024 Created 11/15/2024 Added 11/14/2024 Modified 01/28/2025 Description Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstance, e.g., websocket upgrade, and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client, one reason is http async client is duplicating the status code, another one is the destroy of router is called at the destructor of the async stream, while the stream is deferred deleted at first. There will be problems that the stream decoder is destroyed but its reference is called in `router.onDestroy()`, causing segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed, and request mirrorring. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) amazon-linux-ami-2-upgrade-ecs-service-connect-agent References https://attackerkb.com/topics/cve-2024-45810 AL2/ALASECS-2024-045 CVE - 2024-45810

Amazon Linux AMI 2: CVE-2024-45809: Security patch for ecs-service-connect-agent (ALASECS-2024-045) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/20/2024 Created 11/15/2024 Added 11/14/2024 Modified 01/28/2025 Description Envoy is a cloud-native high-performance edge/middle/service proxy. Jwt filter will lead to an Envoy crash when clear route cache with remote JWKs. In the following case: 1. remote JWKs are used, which requires async header processing; 2. clear_route_cache is enabled on the provider; 3. header operations are enabled in JWT filter, e.g. header to claims feature; 4. the routing table is configured in a way that the JWT header operations modify requests to not match any route. When these conditions are met, a crash is triggered in the upstream code due to nullptr reference conversion from route(). The root cause is the ordering of continueDecoding and clearRouteCache. This issue has been addressed in versions 1.31.2, 1.30.6, and 1.29.9. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) amazon-linux-ami-2-upgrade-ecs-service-connect-agent References https://attackerkb.com/topics/cve-2024-45809 AL2/ALASECS-2024-045 CVE - 2024-45809

Microsoft Edge Chromium: CVE-2024-43496 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/20/2024 Created 09/20/2024 Added 09/20/2024 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-43496 CVE - 2024-43496 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43496

Microsoft Edge Chromium: CVE-2024-43489 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/20/2024 Created 09/20/2024 Added 09/20/2024 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-43489 CVE - 2024-43489 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43489

Amazon Linux AMI 2: CVE-2024-45808: Security patch for ecs-service-connect-agent (ALASECS-2024-045) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 09/20/2024 Created 11/15/2024 Added 11/14/2024 Modified 01/28/2025 Description Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) amazon-linux-ami-2-upgrade-ecs-service-connect-agent References https://attackerkb.com/topics/cve-2024-45808 AL2/ALASECS-2024-045 CVE - 2024-45808

Amazon Linux AMI 2: CVE-2024-45806: Security patch for ecs-service-connect-agent (ALASECS-2024-045) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 09/20/2024 Created 11/15/2024 Added 11/14/2024 Modified 01/30/2025 Description Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty.The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted (e.g. changing arbitrary x-envoy headers) please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) amazon-linux-ami-2-upgrade-ecs-service-connect-agent References https://attackerkb.com/topics/cve-2024-45806 AL2/ALASECS-2024-045 CVE - 2024-45806

FreeBSD: VID-1FEBD09B-7716-11EF-9A62-002590C1F29C (CVE-2024-41721): FreeBSD -- bhyve(8) out-of-bounds read access via XHCI emulation Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/19/2024 Created 09/24/2024 Added 09/22/2024 Modified 09/22/2024 Description An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution. Solution(s) freebsd-upgrade-base-13_3-release-p7 freebsd-upgrade-base-13_4-release-p1 freebsd-upgrade-base-14_0-release-p11 freebsd-upgrade-base-14_1-release-p5 References CVE-2024-41721

Debian: CVE-2023-47480: puredata -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/20/2024 Created 09/28/2024 Added 09/27/2024 Modified 09/27/2024 Description An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via the set*id () function. Solution(s) debian-upgrade-puredata References https://attackerkb.com/topics/cve-2023-47480 CVE - 2023-47480 DLA-3895-1

Microsoft Office: CVE-2024-38016: Microsoft Office Visio Remote Code Execution Vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/19/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/11/2024 Description Microsoft Office: CVE-2024-38016: Microsoft Office Visio Remote Code Execution Vulnerability Solution(s) microsoft-visio_2016-kb5002634 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2024-38016 CVE - 2024-38016 https://support.microsoft.com/help/5002634

Rocky Linux: CVE-2024-45769: pcp (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/19/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. Solution(s) rocky-upgrade-pcp rocky-upgrade-pcp-conf rocky-upgrade-pcp-debuginfo rocky-upgrade-pcp-debugsource rocky-upgrade-pcp-devel rocky-upgrade-pcp-devel-debuginfo rocky-upgrade-pcp-export-pcp2elasticsearch rocky-upgrade-pcp-export-pcp2graphite rocky-upgrade-pcp-export-pcp2influxdb rocky-upgrade-pcp-export-pcp2json rocky-upgrade-pcp-export-pcp2spark rocky-upgrade-pcp-export-pcp2xml rocky-upgrade-pcp-export-pcp2zabbix rocky-upgrade-pcp-export-zabbix-agent rocky-upgrade-pcp-export-zabbix-agent-debuginfo rocky-upgrade-pcp-geolocate rocky-upgrade-pcp-gui rocky-upgrade-pcp-gui-debuginfo rocky-upgrade-pcp-import-collectl2pcp rocky-upgrade-pcp-import-collectl2pcp-debuginfo rocky-upgrade-pcp-import-ganglia2pcp rocky-upgrade-pcp-import-iostat2pcp rocky-upgrade-pcp-import-mrtg2pcp rocky-upgrade-pcp-import-sar2pcp rocky-upgrade-pcp-libs rocky-upgrade-pcp-libs-debuginfo rocky-upgrade-pcp-libs-devel rocky-upgrade-pcp-pmda-activemq rocky-upgrade-pcp-pmda-apache rocky-upgrade-pcp-pmda-apache-debuginfo rocky-upgrade-pcp-pmda-bash rocky-upgrade-pcp-pmda-bash-debuginfo rocky-upgrade-pcp-pmda-bcc rocky-upgrade-pcp-pmda-bind2 rocky-upgrade-pcp-pmda-bonding rocky-upgrade-pcp-pmda-bpf rocky-upgrade-pcp-pmda-bpf-debuginfo rocky-upgrade-pcp-pmda-bpftrace rocky-upgrade-pcp-pmda-cifs rocky-upgrade-pcp-pmda-cifs-debuginfo rocky-upgrade-pcp-pmda-cisco rocky-upgrade-pcp-pmda-cisco-debuginfo rocky-upgrade-pcp-pmda-dbping rocky-upgrade-pcp-pmda-denki rocky-upgrade-pcp-pmda-denki-debuginfo rocky-upgrade-pcp-pmda-dm rocky-upgrade-pcp-pmda-dm-debuginfo rocky-upgrade-pcp-pmda-docker rocky-upgrade-pcp-pmda-docker-debuginfo rocky-upgrade-pcp-pmda-ds389 rocky-upgrade-pcp-pmda-ds389log rocky-upgrade-pcp-pmda-elasticsearch rocky-upgrade-pcp-pmda-farm rocky-upgrade-pcp-pmda-farm-debuginfo rocky-upgrade-pcp-pmda-gfs2 rocky-upgrade-pcp-pmda-gfs2-debuginfo rocky-upgrade-pcp-pmda-gluster rocky-upgrade-pcp-pmda-gpfs rocky-upgrade-pcp-pmda-gpsd rocky-upgrade-pcp-pmda-hacluster rocky-upgrade-pcp-pmda-hacluster-debuginfo rocky-upgrade-pcp-pmda-haproxy rocky-upgrade-pcp-pmda-infiniband rocky-upgrade-pcp-pmda-infiniband-debuginfo rocky-upgrade-pcp-pmda-json rocky-upgrade-pcp-pmda-libvirt rocky-upgrade-pcp-pmda-lio rocky-upgrade-pcp-pmda-lmsensors rocky-upgrade-pcp-pmda-logger rocky-upgrade-pcp-pmda-logger-debuginfo rocky-upgrade-pcp-pmda-lustre rocky-upgrade-pcp-pmda-lustrecomm rocky-upgrade-pcp-pmda-lustrecomm-debuginfo rocky-upgrade-pcp-pmda-mailq rocky-upgrade-pcp-pmda-mailq-debuginfo rocky-upgrade-pcp-pmda-memcache rocky-upgrade-pcp-pmda-mic rocky-upgrade-pcp-pmda-mongodb rocky-upgrade-pcp-pmda-mounts rocky-upgrade-pcp-pmda-mounts-debuginfo rocky-upgrade-pcp-pmda-mssql rocky-upgrade-pcp-pmda-mysql rocky-upgrade-pcp-pmda-named rocky-upgrade-pcp-pmda-netcheck rocky-upgrade-pcp-pmda-netfilter rocky-upgrade-pcp-pmda-news rocky-upgrade-pcp-pmda-nfsclient rocky-upgrade-pcp-pmda-nginx rocky-upgrade-pcp-pmda-nvidia-gpu rocky-upgrade-pcp-pmda-nvidia-gpu-debuginfo rocky-upgrade-pcp-pmda-openmetrics rocky-upgrade-pcp-pmda-openvswitch rocky-upgrade-pcp-pmda-oracle rocky-upgrade-pcp-pmda-pdns rocky-upgrade-pcp-pmda-perfevent rocky-upgrade-pcp-pmda-perfevent-debuginfo rocky-upgrade-pcp-pmda-podman rocky-upgrade-pcp-pmda-podman-debuginfo rocky-upgrade-pcp-pmda-postfix rocky-upgrade-pcp-pmda-postgresql rocky-upgrade-pcp-pmda-rabbitmq rocky-upgrade-pcp-pmda-redis rocky-upgrade-pcp-pmda-resctrl rocky-upgrade-pcp-pmda-resctrl-debuginfo rocky-upgrade-pcp-pmda-roomtemp rocky-upgrade-pcp-pmda-roomtemp-debuginfo rocky-upgrade-pcp-pmda-rsyslog rocky-upgrade-pcp-pmda-samba rocky-upgrade-pcp-pmda-sendmail rocky-upgrade-pcp-pmda-sendmail-debuginfo rocky-upgrade-pcp-pmda-shping rocky-upgrade-pcp-pmda-shping-debuginfo rocky-upgrade-pcp-pmda-slurm rocky-upgrade-pcp-pmda-smart rocky-upgrade-pcp-pmda-smart-debuginfo rocky-upgrade-pcp-pmda-snmp rocky-upgrade-pcp-pmda-sockets rocky-upgrade-pcp-pmda-sockets-debuginfo rocky-upgrade-pcp-pmda-statsd rocky-upgrade-pcp-pmda-statsd-debuginfo rocky-upgrade-pcp-pmda-summary rocky-upgrade-pcp-pmda-summary-debuginfo rocky-upgrade-pcp-pmda-systemd rocky-upgrade-pcp-pmda-systemd-debuginfo rocky-upgrade-pcp-pmda-trace rocky-upgrade-pcp-pmda-trace-debuginfo rocky-upgrade-pcp-pmda-unbound rocky-upgrade-pcp-pmda-weblog rocky-upgrade-pcp-pmda-weblog-debuginfo rocky-upgrade-pcp-pmda-zimbra rocky-upgrade-pcp-pmda-zimbra-debuginfo rocky-upgrade-pcp-pmda-zswap rocky-upgrade-pcp-selinux rocky-upgrade-pcp-system-tools rocky-upgrade-pcp-system-tools-debuginfo rocky-upgrade-pcp-testsuite rocky-upgrade-pcp-testsuite-debuginfo rocky-upgrade-pcp-zeroconf rocky-upgrade-perl-pcp-logimport rocky-upgrade-perl-pcp-logimport-debuginfo rocky-upgrade-perl-pcp-logsummary rocky-upgrade-perl-pcp-mmv rocky-upgrade-perl-pcp-mmv-debuginfo rocky-upgrade-perl-pcp-pmda rocky-upgrade-perl-pcp-pmda-debuginfo rocky-upgrade-python3-pcp rocky-upgrade-python3-pcp-debuginfo References https://attackerkb.com/topics/cve-2024-45769 CVE - 2024-45769 https://errata.rockylinux.org/RLSA-2024:6837 https://errata.rockylinux.org/RLSA-2024:6848

Amazon Linux AMI 2: CVE-2024-7254: Security patch for protobuf (ALAS-2024-2693) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/19/2024 Created 11/19/2024 Added 11/18/2024 Modified 11/18/2024 Description Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker. Solution(s) amazon-linux-ami-2-upgrade-protobuf amazon-linux-ami-2-upgrade-protobuf-compiler amazon-linux-ami-2-upgrade-protobuf-debuginfo amazon-linux-ami-2-upgrade-protobuf-devel amazon-linux-ami-2-upgrade-protobuf-emacs amazon-linux-ami-2-upgrade-protobuf-emacs-el amazon-linux-ami-2-upgrade-protobuf-java amazon-linux-ami-2-upgrade-protobuf-javadoc amazon-linux-ami-2-upgrade-protobuf-lite amazon-linux-ami-2-upgrade-protobuf-lite-devel amazon-linux-ami-2-upgrade-protobuf-lite-static amazon-linux-ami-2-upgrade-protobuf-python amazon-linux-ami-2-upgrade-protobuf-static amazon-linux-ami-2-upgrade-protobuf-vim References https://attackerkb.com/topics/cve-2024-7254 AL2/ALAS-2024-2693 CVE - 2024-7254

Rocky Linux: CVE-2024-45770: pcp (Multiple Advisories) Severity 3 CVSS (AV:L/AC:L/Au:S/C:P/I:P/A:N) Published 09/19/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges. Solution(s) rocky-upgrade-pcp rocky-upgrade-pcp-conf rocky-upgrade-pcp-debuginfo rocky-upgrade-pcp-debugsource rocky-upgrade-pcp-devel rocky-upgrade-pcp-devel-debuginfo rocky-upgrade-pcp-export-pcp2elasticsearch rocky-upgrade-pcp-export-pcp2graphite rocky-upgrade-pcp-export-pcp2influxdb rocky-upgrade-pcp-export-pcp2json rocky-upgrade-pcp-export-pcp2spark rocky-upgrade-pcp-export-pcp2xml rocky-upgrade-pcp-export-pcp2zabbix rocky-upgrade-pcp-export-zabbix-agent rocky-upgrade-pcp-export-zabbix-agent-debuginfo rocky-upgrade-pcp-geolocate rocky-upgrade-pcp-gui rocky-upgrade-pcp-gui-debuginfo rocky-upgrade-pcp-import-collectl2pcp rocky-upgrade-pcp-import-collectl2pcp-debuginfo rocky-upgrade-pcp-import-ganglia2pcp rocky-upgrade-pcp-import-iostat2pcp rocky-upgrade-pcp-import-mrtg2pcp rocky-upgrade-pcp-import-sar2pcp rocky-upgrade-pcp-libs rocky-upgrade-pcp-libs-debuginfo rocky-upgrade-pcp-libs-devel rocky-upgrade-pcp-pmda-activemq rocky-upgrade-pcp-pmda-apache rocky-upgrade-pcp-pmda-apache-debuginfo rocky-upgrade-pcp-pmda-bash rocky-upgrade-pcp-pmda-bash-debuginfo rocky-upgrade-pcp-pmda-bcc rocky-upgrade-pcp-pmda-bind2 rocky-upgrade-pcp-pmda-bonding rocky-upgrade-pcp-pmda-bpf rocky-upgrade-pcp-pmda-bpf-debuginfo rocky-upgrade-pcp-pmda-bpftrace rocky-upgrade-pcp-pmda-cifs rocky-upgrade-pcp-pmda-cifs-debuginfo rocky-upgrade-pcp-pmda-cisco rocky-upgrade-pcp-pmda-cisco-debuginfo rocky-upgrade-pcp-pmda-dbping rocky-upgrade-pcp-pmda-denki rocky-upgrade-pcp-pmda-denki-debuginfo rocky-upgrade-pcp-pmda-dm rocky-upgrade-pcp-pmda-dm-debuginfo rocky-upgrade-pcp-pmda-docker rocky-upgrade-pcp-pmda-docker-debuginfo rocky-upgrade-pcp-pmda-ds389 rocky-upgrade-pcp-pmda-ds389log rocky-upgrade-pcp-pmda-elasticsearch rocky-upgrade-pcp-pmda-farm rocky-upgrade-pcp-pmda-farm-debuginfo rocky-upgrade-pcp-pmda-gfs2 rocky-upgrade-pcp-pmda-gfs2-debuginfo rocky-upgrade-pcp-pmda-gluster rocky-upgrade-pcp-pmda-gpfs rocky-upgrade-pcp-pmda-gpsd rocky-upgrade-pcp-pmda-hacluster rocky-upgrade-pcp-pmda-hacluster-debuginfo rocky-upgrade-pcp-pmda-haproxy rocky-upgrade-pcp-pmda-infiniband rocky-upgrade-pcp-pmda-infiniband-debuginfo rocky-upgrade-pcp-pmda-json rocky-upgrade-pcp-pmda-libvirt rocky-upgrade-pcp-pmda-lio rocky-upgrade-pcp-pmda-lmsensors rocky-upgrade-pcp-pmda-logger rocky-upgrade-pcp-pmda-logger-debuginfo rocky-upgrade-pcp-pmda-lustre rocky-upgrade-pcp-pmda-lustrecomm rocky-upgrade-pcp-pmda-lustrecomm-debuginfo rocky-upgrade-pcp-pmda-mailq rocky-upgrade-pcp-pmda-mailq-debuginfo rocky-upgrade-pcp-pmda-memcache rocky-upgrade-pcp-pmda-mic rocky-upgrade-pcp-pmda-mongodb rocky-upgrade-pcp-pmda-mounts rocky-upgrade-pcp-pmda-mounts-debuginfo rocky-upgrade-pcp-pmda-mssql rocky-upgrade-pcp-pmda-mysql rocky-upgrade-pcp-pmda-named rocky-upgrade-pcp-pmda-netcheck rocky-upgrade-pcp-pmda-netfilter rocky-upgrade-pcp-pmda-news rocky-upgrade-pcp-pmda-nfsclient rocky-upgrade-pcp-pmda-nginx rocky-upgrade-pcp-pmda-nvidia-gpu rocky-upgrade-pcp-pmda-nvidia-gpu-debuginfo rocky-upgrade-pcp-pmda-openmetrics rocky-upgrade-pcp-pmda-openvswitch rocky-upgrade-pcp-pmda-oracle rocky-upgrade-pcp-pmda-pdns rocky-upgrade-pcp-pmda-perfevent rocky-upgrade-pcp-pmda-perfevent-debuginfo rocky-upgrade-pcp-pmda-podman rocky-upgrade-pcp-pmda-podman-debuginfo rocky-upgrade-pcp-pmda-postfix rocky-upgrade-pcp-pmda-postgresql rocky-upgrade-pcp-pmda-rabbitmq rocky-upgrade-pcp-pmda-redis rocky-upgrade-pcp-pmda-resctrl rocky-upgrade-pcp-pmda-resctrl-debuginfo rocky-upgrade-pcp-pmda-roomtemp rocky-upgrade-pcp-pmda-roomtemp-debuginfo rocky-upgrade-pcp-pmda-rsyslog rocky-upgrade-pcp-pmda-samba rocky-upgrade-pcp-pmda-sendmail rocky-upgrade-pcp-pmda-sendmail-debuginfo rocky-upgrade-pcp-pmda-shping rocky-upgrade-pcp-pmda-shping-debuginfo rocky-upgrade-pcp-pmda-slurm rocky-upgrade-pcp-pmda-smart rocky-upgrade-pcp-pmda-smart-debuginfo rocky-upgrade-pcp-pmda-snmp rocky-upgrade-pcp-pmda-sockets rocky-upgrade-pcp-pmda-sockets-debuginfo rocky-upgrade-pcp-pmda-statsd rocky-upgrade-pcp-pmda-statsd-debuginfo rocky-upgrade-pcp-pmda-summary rocky-upgrade-pcp-pmda-summary-debuginfo rocky-upgrade-pcp-pmda-systemd rocky-upgrade-pcp-pmda-systemd-debuginfo rocky-upgrade-pcp-pmda-trace rocky-upgrade-pcp-pmda-trace-debuginfo rocky-upgrade-pcp-pmda-unbound rocky-upgrade-pcp-pmda-weblog rocky-upgrade-pcp-pmda-weblog-debuginfo rocky-upgrade-pcp-pmda-zimbra rocky-upgrade-pcp-pmda-zimbra-debuginfo rocky-upgrade-pcp-pmda-zswap rocky-upgrade-pcp-selinux rocky-upgrade-pcp-system-tools rocky-upgrade-pcp-system-tools-debuginfo rocky-upgrade-pcp-testsuite rocky-upgrade-pcp-testsuite-debuginfo rocky-upgrade-pcp-zeroconf rocky-upgrade-perl-pcp-logimport rocky-upgrade-perl-pcp-logimport-debuginfo rocky-upgrade-perl-pcp-logsummary rocky-upgrade-perl-pcp-mmv rocky-upgrade-perl-pcp-mmv-debuginfo rocky-upgrade-perl-pcp-pmda rocky-upgrade-perl-pcp-pmda-debuginfo rocky-upgrade-python3-pcp rocky-upgrade-python3-pcp-debuginfo References https://attackerkb.com/topics/cve-2024-45770 CVE - 2024-45770 https://errata.rockylinux.org/RLSA-2024:6837 https://errata.rockylinux.org/RLSA-2024:6848

SUSE: CVE-2024-7254: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/19/2024 Created 12/31/2024 Added 12/30/2024 Modified 12/30/2024 Description Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker. Solution(s) suse-upgrade-libprotobuf-lite25_1_0 suse-upgrade-libprotobuf-lite25_1_0-32bit suse-upgrade-libprotobuf25_1_0 suse-upgrade-libprotobuf25_1_0-32bit suse-upgrade-libprotoc25_1_0 suse-upgrade-libprotoc25_1_0-32bit suse-upgrade-protobuf-devel suse-upgrade-protobuf-java suse-upgrade-python311-protobuf References https://attackerkb.com/topics/cve-2024-7254 CVE - 2024-7254

FreeBSD: VID-D47B7AE7-FE1D-4F7F-919A-480CA8035F00: zeek -- potential DoS vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/24/2024 Created 09/26/2024 Added 09/25/2024 Modified 09/25/2024 Description Tim Wojtulewicz of Corelight reports: The POP3 parser has been hardened to avoid unbounded state growth in the face of one-sided traffic capture or when enabled for non-POP3 traffic. Solution(s) freebsd-upgrade-package-zeek

Gentoo Linux: GLSA 202409-21: Hunspell: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/24/2024 Created 09/26/2024 Added 09/25/2024 Modified 09/25/2024 Description Malicious input to the hunspell spell checker could result in an application crash or other unspecified behavior. Solution(s) gentoo-linux-upgrade-app-text-hunspell References 202409-21