ISHACK AI BOT

VMware Photon OS: CVE-2024-46725 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/18/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning Check the ring type value to fix the out-of-bounds write warning Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-46725 CVE - 2024-46725

Huawei EulerOS: CVE-2024-46723: kernel security update Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 09/18/2024 Created 01/23/2025 Added 01/21/2025 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning Clear warning that read ucode[] may out-of-bounds. Solution(s) huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-46723 CVE - 2024-46723 EulerOS-SA-2025-1123

Ubuntu: (Multiple Advisories) (CVE-2024-46771): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/18/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcm_connect() below. [0] The repro calls connect() to vxcan1, removes vxcan1, and calls connect() with ifindex == 0. Calling connect() for a BCM socket allocates a proc entry. Then, bcm_sk(sk)->bound is set to 1 to prevent further connect(). However, removing the bound device resets bcm_sk(sk)->bound to 0 in bcm_notify(). The 2nd connect() tries to allocate a proc entry with the same name and sets NULL to bcm_sk(sk)->bcm_proc_read, leaking the original proc entry. Since the proc entry is available only for connect()ed sockets, let's clean up the entry when the bound netdev is unregistered. [0]: proc_dir_entry 'can-bcm/2456' already registered WARNING: CPU: 1 PID: 394 at fs/proc/generic.c:376 proc_register+0x645/0x8f0 fs/proc/generic.c:375 Modules linked in: CPU: 1 PID: 394 Comm: syz-executor403 Not tainted 6.10.0-rc7-g852e42cc2dd4 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 RIP: 0010:proc_register+0x645/0x8f0 fs/proc/generic.c:375 Code: 00 00 00 00 00 48 85 ed 0f 85 97 02 00 00 4d 85 f6 0f 85 9f 02 00 00 48 c7 c7 9b cb cf 87 48 89 de 4c 89 fa e8 1c 6f eb fe 90 <0f> 0b 90 90 48 c7 c7 98 37 99 89 e8 cb 7e 22 05 bb 00 00 00 10 48 RSP: 0018:ffa0000000cd7c30 EFLAGS: 00010246 RAX: 9e129be1950f0200 RBX: ff1100011b51582c RCX: ff1100011857cd80 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 RBP: 0000000000000000 R08: ffd400000000000f R09: ff1100013e78cac0 R10: ffac800000cd7980 R11: ff1100013e12b1f0 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: ff1100011a99a2ec FS:00007fbd7086f740(0000) GS:ff1100013fd00000(0000) knlGS:0000000000000000 CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000200071c0 CR3: 0000000118556004 CR4: 0000000000771ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <TASK> proc_create_net_single+0x144/0x210 fs/proc/proc_net.c:220 bcm_connect+0x472/0x840 net/can/bcm.c:1673 __sys_connect_file net/socket.c:2049 [inline] __sys_connect+0x5d2/0x690 net/socket.c:2066 __do_sys_connect net/socket.c:2076 [inline] __se_sys_connect net/socket.c:2073 [inline] __x64_sys_connect+0x8f/0x100 net/socket.c:2073 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xd9/0x1c0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7fbd708b0e5d Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48 RSP: 002b:00007fff8cd33f08 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbd708b0e5d RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000040 R10: 0000000000000040 R11: 0000000000000246 R12: 00007fff8cd34098 R13: 0000000000401280 R14: 0000000000406de8 R15: 00007fbd70ab9000 </TASK> remove_proc_entry: removing non-empty directory 'net/can-bcm', leaking at least '2456' Solution(s) ubuntu-upgrade-linux-image-5-15-0-1038-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1055-gkeop ubuntu-upgrade-linux-image-5-15-0-1065-ibm ubuntu-upgrade-linux-image-5-15-0-1065-raspi ubuntu-upgrade-linux-image-5-15-0-1067-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1067-nvidia ubuntu-upgrade-linux-image-5-15-0-1067-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1069-gke ubuntu-upgrade-linux-image-5-15-0-1069-kvm ubuntu-upgrade-linux-image-5-15-0-1070-oracle ubuntu-upgrade-linux-image-5-15-0-1071-gcp ubuntu-upgrade-linux-image-5-15-0-1072-aws ubuntu-upgrade-linux-image-5-15-0-1075-azure ubuntu-upgrade-linux-image-5-15-0-1078-azure ubuntu-upgrade-linux-image-5-15-0-125-generic ubuntu-upgrade-linux-image-5-15-0-125-generic-64k ubuntu-upgrade-linux-image-5-15-0-125-generic-lpae ubuntu-upgrade-linux-image-5-15-0-125-lowlatency ubuntu-upgrade-linux-image-5-15-0-125-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1044-iot ubuntu-upgrade-linux-image-5-4-0-1054-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1082-ibm ubuntu-upgrade-linux-image-5-4-0-1094-bluefield ubuntu-upgrade-linux-image-5-4-0-1102-gkeop ubuntu-upgrade-linux-image-5-4-0-1119-raspi ubuntu-upgrade-linux-image-5-4-0-1123-kvm ubuntu-upgrade-linux-image-5-4-0-1134-oracle ubuntu-upgrade-linux-image-5-4-0-1135-aws ubuntu-upgrade-linux-image-5-4-0-1139-azure ubuntu-upgrade-linux-image-5-4-0-1139-gcp ubuntu-upgrade-linux-image-5-4-0-1140-azure ubuntu-upgrade-linux-image-5-4-0-200-generic ubuntu-upgrade-linux-image-5-4-0-200-generic-lpae ubuntu-upgrade-linux-image-5-4-0-200-lowlatency ubuntu-upgrade-linux-image-6-8-0-1002-gkeop ubuntu-upgrade-linux-image-6-8-0-1015-gke ubuntu-upgrade-linux-image-6-8-0-1016-raspi ubuntu-upgrade-linux-image-6-8-0-1017-ibm ubuntu-upgrade-linux-image-6-8-0-1017-oracle ubuntu-upgrade-linux-image-6-8-0-1017-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1018-oem ubuntu-upgrade-linux-image-6-8-0-1019-gcp ubuntu-upgrade-linux-image-6-8-0-1019-nvidia ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1020-aws ubuntu-upgrade-linux-image-6-8-0-1020-azure ubuntu-upgrade-linux-image-6-8-0-1020-azure-fde ubuntu-upgrade-linux-image-6-8-0-50-generic ubuntu-upgrade-linux-image-6-8-0-50-generic-64k ubuntu-upgrade-linux-image-6-8-0-50-lowlatency ubuntu-upgrade-linux-image-6-8-0-50-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-gkeop-6-8 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-24-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-46771 CVE - 2024-46771 USN-7088-1 USN-7088-2 USN-7088-3 USN-7088-4 USN-7088-5 USN-7100-1 USN-7100-2 USN-7119-1 USN-7123-1 USN-7144-1 USN-7154-1 USN-7154-2 USN-7155-1 USN-7156-1 USN-7194-1 USN-7196-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-46729): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/18/2024 Created 12/14/2024 Added 12/13/2024 Modified 01/10/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix incorrect size calculation for loop [WHY] fe_clk_en has size of 5 but sizeof(fe_clk_en) has byte size 20 which is lager than the array size. [HOW] Divide byte size 20 by its element size. This fixes 2 OVERRUN issues reported by Coverity. Solution(s) ubuntu-upgrade-linux-image-6-8-0-1002-gkeop ubuntu-upgrade-linux-image-6-8-0-1015-gke ubuntu-upgrade-linux-image-6-8-0-1016-raspi ubuntu-upgrade-linux-image-6-8-0-1017-ibm ubuntu-upgrade-linux-image-6-8-0-1017-oracle ubuntu-upgrade-linux-image-6-8-0-1017-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1018-oem ubuntu-upgrade-linux-image-6-8-0-1019-gcp ubuntu-upgrade-linux-image-6-8-0-1019-nvidia ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1020-aws ubuntu-upgrade-linux-image-6-8-0-1020-azure ubuntu-upgrade-linux-image-6-8-0-1020-azure-fde ubuntu-upgrade-linux-image-6-8-0-50-generic ubuntu-upgrade-linux-image-6-8-0-50-generic-64k ubuntu-upgrade-linux-image-6-8-0-50-lowlatency ubuntu-upgrade-linux-image-6-8-0-50-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-6-8 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-24-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-46729 CVE - 2024-46729 USN-7154-1 USN-7154-2 USN-7155-1 USN-7156-1 USN-7196-1

Ubuntu: (Multiple Advisories) (CVE-2024-46772): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/18/2024 Created 12/14/2024 Added 12/13/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 2 DIVIDE_BY_ZERO issues reported by Coverity. Solution(s) ubuntu-upgrade-linux-image-6-8-0-1002-gkeop ubuntu-upgrade-linux-image-6-8-0-1015-gke ubuntu-upgrade-linux-image-6-8-0-1016-raspi ubuntu-upgrade-linux-image-6-8-0-1017-ibm ubuntu-upgrade-linux-image-6-8-0-1017-oracle ubuntu-upgrade-linux-image-6-8-0-1017-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1018-oem ubuntu-upgrade-linux-image-6-8-0-1019-gcp ubuntu-upgrade-linux-image-6-8-0-1019-nvidia ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1020-aws ubuntu-upgrade-linux-image-6-8-0-1020-azure ubuntu-upgrade-linux-image-6-8-0-1020-azure-fde ubuntu-upgrade-linux-image-6-8-0-50-generic ubuntu-upgrade-linux-image-6-8-0-50-generic-64k ubuntu-upgrade-linux-image-6-8-0-50-lowlatency ubuntu-upgrade-linux-image-6-8-0-50-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-6-8 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-24-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-46772 CVE - 2024-46772 USN-7154-1 USN-7154-2 USN-7155-1 USN-7156-1 USN-7196-1

VMware Photon OS: CVE-2024-46755 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/18/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if the priv is actually currently in use. Unused priv pointers do not have a wiphy attached to them which can lead to NULL pointer dereferences further down the callstack.Fix this by returning only used priv pointers which have priv->bss_mode set to something else than NL80211_IFTYPE_UNSPECIFIED. Said NULL pointer dereference happened when an Accesspoint was started with wpa_supplicant -i mlan0 with this config: network={ ssid="somessid" mode=2 frequency=2412 key_mgmt=WPA-PSK WPA-PSK-SHA256 proto=RSN group=CCMP pairwise=CCMP psk="12345678" } When waiting for the AP to be established, interrupting wpa_supplicant with <ctrl-c> and starting it again this happens: | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000140 | Mem abort info: | ESR = 0x0000000096000004 | EC = 0x25: DABT (current EL), IL = 32 bits | SET = 0, FnV = 0 | EA = 0, S1PTW = 0 | FSC = 0x04: level 0 translation fault | Data abort info: | ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 | CM = 0, WnR = 0, TnD = 0, TagAccess = 0 | GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 | user pgtable: 4k pages, 48-bit VAs, pgdp=0000000046d96000 | [0000000000000140] pgd=0000000000000000, p4d=0000000000000000 | Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP | Modules linked in: caam_jr caamhash_desc spidev caamalg_desc crypto_engine authenc libdes mwifiex_sdio +mwifiex crct10dif_ce cdc_acm onboard_usb_hub fsl_imx8_ddr_perf imx8m_ddrc rtc_ds1307 lm75 rtc_snvs +imx_sdma caam imx8mm_thermal spi_imx error imx_cpufreq_dt fuse ip_tables x_tables ipv6 | CPU: 0 PID: 8 Comm: kworker/0:1 Not tainted 6.9.0-00007-g937242013fce-dirty #18 | Hardware name: somemachine (DT) | Workqueue: events sdio_irq_work | pstate: 00000005 (nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) | pc : mwifiex_get_cfp+0xd8/0x15c [mwifiex] | lr : mwifiex_get_cfp+0x34/0x15c [mwifiex] | sp : ffff8000818b3a70 | x29: ffff8000818b3a70 x28: ffff000006bfd8a5 x27: 0000000000000004 | x26: 000000000000002c x25: 0000000000001511 x24: 0000000002e86bc9 | x23: ffff000006bfd996 x22: 0000000000000004 x21: ffff000007bec000 | x20: 000000000000002c x19: 0000000000000000 x18: 0000000000000000 | x17: 000000040044ffff x16: 00500072b5503510 x15: ccc283740681e517 | x14: 0201000101006d15 x13: 0000000002e8ff43 x12: 002c01000000ffb1 | x11: 0100000000000000 x10: 02e8ff43002c0100 x9 : 0000ffb100100157 | x8 : ffff000003d20000 x7 : 00000000000002f1 x6 : 00000000ffffe124 | x5 : 0000000000000001 x4 : 0000000000000003 x3 : 0000000000000000 | x2 : 0000000000000000 x1 : 0001000000011001 x0 : 0000000000000000 | Call trace: |mwifiex_get_cfp+0xd8/0x15c [mwifiex] |mwifiex_parse_single_response_buf+0x1d0/0x504 [mwifiex] |mwifiex_handle_event_ext_scan_report+0x19c/0x2f8 [mwifiex] |mwifiex_process_sta_event+0x298/0xf0c [mwifiex] |mwifiex_process_event+0x110/0x238 [mwifiex] |mwifiex_main_process+0x428/0xa44 [mwifiex] |mwifiex_sdio_interrupt+0x64/0x12c [mwifiex_sdio] |process_sdio_pending_irqs+0x64/0x1b8 |sdio_irq_work+0x4c/0x7c |process_one_work+0x148/0x2a0 |worker_thread+0x2fc/0x40c |kthread+0x110/0x114 |ret_from_fork+0x10/0x20 | Code: a94153f3 a8c37bfd d50323bf d65f03c0 (f940a000) | ---[ end trace 0000000000000000 ]--- Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-46755 CVE - 2024-46755

Ubuntu: (Multiple Advisories) (CVE-2024-46766): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/18/2024 Created 12/14/2024 Added 12/13/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that is not rtnl-locked when called from the reset. This creates the need to take the rtnl_lock just for a single function and complicates the synchronization with .ndo_bpf. At the same time, there no actual need to fill napi-to-queue information at this exact point. Fill napi-to-queue information when opening the VSI and clear it when the VSI is being closed. Those routines are already rtnl-locked. Also, rewrite napi-to-queue assignment in a way that prevents inclusion of XDP queues, as this leads to out-of-bounds writes, such as one below. [+0.000004] BUG: KASAN: slab-out-of-bounds in netif_queue_set_napi+0x1c2/0x1e0 [+0.000012] Write of size 8 at addr ffff889881727c80 by task bash/7047 [+0.000006] CPU: 24 PID: 7047 Comm: bash Not tainted 6.10.0-rc2+ #2 [+0.000004] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0014.082620210524 08/26/2021 [+0.000003] Call Trace: [+0.000003]<TASK> [+0.000002]dump_stack_lvl+0x60/0x80 [+0.000007]print_report+0xce/0x630 [+0.000007]? __pfx__raw_spin_lock_irqsave+0x10/0x10 [+0.000007]? __virt_addr_valid+0x1c9/0x2c0 [+0.000005]? netif_queue_set_napi+0x1c2/0x1e0 [+0.000003]kasan_report+0xe9/0x120 [+0.000004]? netif_queue_set_napi+0x1c2/0x1e0 [+0.000004]netif_queue_set_napi+0x1c2/0x1e0 [+0.000005]ice_vsi_close+0x161/0x670 [ice] [+0.000114]ice_dis_vsi+0x22f/0x270 [ice] [+0.000095]ice_pf_dis_all_vsi.constprop.0+0xae/0x1c0 [ice] [+0.000086]ice_prepare_for_reset+0x299/0x750 [ice] [+0.000087]pci_dev_save_and_disable+0x82/0xd0 [+0.000006]pci_reset_function+0x12d/0x230 [+0.000004]reset_store+0xa0/0x100 [+0.000006]? __pfx_reset_store+0x10/0x10 [+0.000002]? __pfx_mutex_lock+0x10/0x10 [+0.000004]? __check_object_size+0x4c1/0x640 [+0.000007]kernfs_fop_write_iter+0x30b/0x4a0 [+0.000006]vfs_write+0x5d6/0xdf0 [+0.000005]? fd_install+0x180/0x350 [+0.000005]? __pfx_vfs_write+0x10/0xA10 [+0.000004]? do_fcntl+0x52c/0xcd0 [+0.000004]? kasan_save_track+0x13/0x60 [+0.000003]? kasan_save_free_info+0x37/0x60 [+0.000006]ksys_write+0xfa/0x1d0 [+0.000003]? __pfx_ksys_write+0x10/0x10 [+0.000002]? __x64_sys_fcntl+0x121/0x180 [+0.000004]? _raw_spin_lock+0x87/0xe0 [+0.000005]do_syscall_64+0x80/0x170 [+0.000007]? _raw_spin_lock+0x87/0xe0 [+0.000004]? __pfx__raw_spin_lock+0x10/0x10 [+0.000003]? file_close_fd_locked+0x167/0x230 [+0.000005]? syscall_exit_to_user_mode+0x7d/0x220 [+0.000005]? do_syscall_64+0x8c/0x170 [+0.000004]? do_syscall_64+0x8c/0x170 [+0.000003]? do_syscall_64+0x8c/0x170 [+0.000003]? fput+0x1a/0x2c0 [+0.000004]? filp_close+0x19/0x30 [+0.000004]? do_dup2+0x25a/0x4c0 [+0.000004]? __x64_sys_dup2+0x6e/0x2e0 [+0.000002]? syscall_exit_to_user_mode+0x7d/0x220 [+0.000004]? do_syscall_64+0x8c/0x170 [+0.000003]? __count_memcg_events+0x113/0x380 [+0.000005]? handle_mm_fault+0x136/0x820 [+0.000005]? do_user_addr_fault+0x444/0xa80 [+0.000004]? clear_bhb_loop+0x25/0x80 [+0.000004]? clear_bhb_loop+0x25/0x80 [+0.000002]entry_SYSCALL_64_after_hwframe+0x76/0x7e [+0.000005] RIP: 0033:0x7f2033593154 Solution(s) ubuntu-upgrade-linux-image-6-8-0-1002-gkeop ubuntu-upgrade-linux-image-6-8-0-1015-gke ubuntu-upgrade-linux-image-6-8-0-1016-raspi ubuntu-upgrade-linux-image-6-8-0-1017-ibm ubuntu-upgrade-linux-image-6-8-0-1017-oracle ubuntu-upgrade-linux-image-6-8-0-1017-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1018-oem ubuntu-upgrade-linux-image-6-8-0-1019-gcp ubuntu-upgrade-linux-image-6-8-0-1019-nvidia ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1020-aws ubuntu-upgrade-linux-image-6-8-0-1020-azure ubuntu-upgrade-linux-image-6-8-0-1020-azure-fde ubuntu-upgrade-linux-image-6-8-0-50-generic ubuntu-upgrade-linux-image-6-8-0-50-generic-64k ubuntu-upgrade-linux-image-6-8-0-50-lowlatency ubuntu-upgrade-linux-image-6-8-0-50-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-6-8 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-24-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-46766 CVE - 2024-46766 USN-7154-1 USN-7154-2 USN-7155-1 USN-7156-1 USN-7196-1

Ubuntu: (Multiple Advisories) (CVE-2024-46754): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/18/2024 Created 12/14/2024 Added 12/13/2024 Modified 01/10/2025 Description In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_test_run() without without entering input_action_end_bpf() first. Martin KaFai Lau said that self test for BPF_PROG_TYPE_LWT_SEG6LOCAL probably didn't work since it was introduced in commit 04d4b274e2a ("ipv6: sr: Add seg6local action End.BPF"). The reason is that the per-CPU variable seg6_bpf_srh_states::srh is never assigned in the self test case but each BPF function expects it. Remove test_run for BPF_PROG_TYPE_LWT_SEG6LOCAL. Solution(s) ubuntu-upgrade-linux-image-6-8-0-1002-gkeop ubuntu-upgrade-linux-image-6-8-0-1015-gke ubuntu-upgrade-linux-image-6-8-0-1016-raspi ubuntu-upgrade-linux-image-6-8-0-1017-ibm ubuntu-upgrade-linux-image-6-8-0-1017-oracle ubuntu-upgrade-linux-image-6-8-0-1017-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1018-oem ubuntu-upgrade-linux-image-6-8-0-1019-gcp ubuntu-upgrade-linux-image-6-8-0-1019-nvidia ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1020-aws ubuntu-upgrade-linux-image-6-8-0-1020-azure ubuntu-upgrade-linux-image-6-8-0-1020-azure-fde ubuntu-upgrade-linux-image-6-8-0-50-generic ubuntu-upgrade-linux-image-6-8-0-50-generic-64k ubuntu-upgrade-linux-image-6-8-0-50-lowlatency ubuntu-upgrade-linux-image-6-8-0-50-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-6-8 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-24-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-46754 CVE - 2024-46754 USN-7154-1 USN-7154-2 USN-7155-1 USN-7156-1 USN-7196-1

SUSE: CVE-2024-8906: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/17/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-8906 CVE - 2024-8906

Ubuntu: (Multiple Advisories) (CVE-2024-46774): Linux kernel vulnerabilities Severity 6 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:C) Published 09/18/2024 Created 12/14/2024 Added 12/13/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks. Use array_index_nospec() after the bounds checks to clamp these values for speculative execution. Solution(s) ubuntu-upgrade-linux-image-6-8-0-1002-gkeop ubuntu-upgrade-linux-image-6-8-0-1015-gke ubuntu-upgrade-linux-image-6-8-0-1016-raspi ubuntu-upgrade-linux-image-6-8-0-1017-ibm ubuntu-upgrade-linux-image-6-8-0-1017-oracle ubuntu-upgrade-linux-image-6-8-0-1017-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1018-oem ubuntu-upgrade-linux-image-6-8-0-1019-gcp ubuntu-upgrade-linux-image-6-8-0-1019-nvidia ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1020-aws ubuntu-upgrade-linux-image-6-8-0-1020-azure ubuntu-upgrade-linux-image-6-8-0-1020-azure-fde ubuntu-upgrade-linux-image-6-8-0-50-generic ubuntu-upgrade-linux-image-6-8-0-50-generic-64k ubuntu-upgrade-linux-image-6-8-0-50-lowlatency ubuntu-upgrade-linux-image-6-8-0-50-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-6-8 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-24-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-46774 CVE - 2024-46774 USN-7154-1 USN-7154-2 USN-7155-1 USN-7156-1 USN-7196-1

SUSE: CVE-2024-8907: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/17/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-8907 CVE - 2024-8907

SUSE: CVE-2024-8905: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/17/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-8905 CVE - 2024-8905

Alma Linux: CVE-2024-8900: Important: firefox security update (ALSA-2024-7700) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/17/2024 Created 10/10/2024 Added 10/10/2024 Modified 01/30/2025 Description An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. Solution(s) alma-upgrade-firefox References https://attackerkb.com/topics/cve-2024-8900 CVE - 2024-8900 https://errata.almalinux.org/8/ALSA-2024-7700.html

OS X update for TV App (CVE-2024-40859) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-40859 CVE - 2024-40859 https://support.apple.com/en-us/121238

MFSA2024-49 Thunderbird: Security Vulnerabilities fixed in Thunderbird 128.3 (CVE-2024-8900) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/17/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/30/2025 Description An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. Solution(s) mozilla-thunderbird-upgrade-128_3 References https://attackerkb.com/topics/cve-2024-8900 CVE - 2024-8900 http://www.mozilla.org/security/announce/2024/mfsa2024-49.html

OS X update for Sandbox (CVE-2024-44163) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to access private information. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44163 CVE - 2024-44163 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

Ubuntu: USN-7050-1 (CVE-2024-8796): Devise-Two-Factor vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:S/C:C/I:N/A:N) Published 09/17/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description Under the default configuration, Devise-Two-Factor versions >= 2.2.0 & < 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an attacker to guess the shared secret and generate valid TOTP codes. Solution(s) ubuntu-pro-upgrade-ruby-devise-two-factor References https://attackerkb.com/topics/cve-2024-8796 CVE - 2024-8796 USN-7050-1

OS X update for PackageKit (CVE-2024-44178) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44178 CVE - 2024-44178 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

OS X update for Quick Look (CVE-2024-44149) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44149 CVE - 2024-44149 https://support.apple.com/en-us/121238

OS X update for Shortcuts (CVE-2024-40844) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to observe data displayed to the user by Shortcuts. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-40844 CVE - 2024-40844 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

OS X update for Disk Images (CVE-2024-44148) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44148 CVE - 2024-44148 https://support.apple.com/en-us/121238

OS X update for libxml2 (CVE-2024-44198) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44198 CVE - 2024-44198 https://support.apple.com/en-us/121238

OS X update for mDNSResponder (CVE-2024-44183) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A logic error was addressed with improved error handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause a denial-of-service. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44183 CVE - 2024-44183 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

Red Hat: CVE-2024-45770: pcp: pmpost symlink attack allows escalating pcp to root user (Multiple Advisories) Severity 3 CVSS (AV:L/AC:L/Au:S/C:P/I:P/A:N) Published 09/17/2024 Created 09/20/2024 Added 09/20/2024 Modified 11/13/2024 Description A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges. Solution(s) redhat-upgrade-pcp redhat-upgrade-pcp-conf redhat-upgrade-pcp-debuginfo redhat-upgrade-pcp-debugsource redhat-upgrade-pcp-devel redhat-upgrade-pcp-devel-debuginfo redhat-upgrade-pcp-doc redhat-upgrade-pcp-export-pcp2elasticsearch redhat-upgrade-pcp-export-pcp2graphite redhat-upgrade-pcp-export-pcp2influxdb redhat-upgrade-pcp-export-pcp2json redhat-upgrade-pcp-export-pcp2openmetrics redhat-upgrade-pcp-export-pcp2spark redhat-upgrade-pcp-export-pcp2xml redhat-upgrade-pcp-export-pcp2zabbix redhat-upgrade-pcp-export-zabbix-agent redhat-upgrade-pcp-export-zabbix-agent-debuginfo redhat-upgrade-pcp-geolocate redhat-upgrade-pcp-gui redhat-upgrade-pcp-gui-debuginfo redhat-upgrade-pcp-import-collectl2pcp redhat-upgrade-pcp-import-collectl2pcp-debuginfo redhat-upgrade-pcp-import-ganglia2pcp redhat-upgrade-pcp-import-iostat2pcp redhat-upgrade-pcp-import-mrtg2pcp redhat-upgrade-pcp-import-sar2pcp redhat-upgrade-pcp-libs redhat-upgrade-pcp-libs-debuginfo redhat-upgrade-pcp-libs-devel redhat-upgrade-pcp-pmda-activemq redhat-upgrade-pcp-pmda-apache redhat-upgrade-pcp-pmda-apache-debuginfo redhat-upgrade-pcp-pmda-bash redhat-upgrade-pcp-pmda-bash-debuginfo redhat-upgrade-pcp-pmda-bcc redhat-upgrade-pcp-pmda-bind2 redhat-upgrade-pcp-pmda-bonding redhat-upgrade-pcp-pmda-bpf redhat-upgrade-pcp-pmda-bpf-debuginfo redhat-upgrade-pcp-pmda-bpftrace redhat-upgrade-pcp-pmda-cifs redhat-upgrade-pcp-pmda-cifs-debuginfo redhat-upgrade-pcp-pmda-cisco redhat-upgrade-pcp-pmda-cisco-debuginfo redhat-upgrade-pcp-pmda-dbping redhat-upgrade-pcp-pmda-denki redhat-upgrade-pcp-pmda-denki-debuginfo redhat-upgrade-pcp-pmda-dm redhat-upgrade-pcp-pmda-dm-debuginfo redhat-upgrade-pcp-pmda-docker redhat-upgrade-pcp-pmda-docker-debuginfo redhat-upgrade-pcp-pmda-ds389 redhat-upgrade-pcp-pmda-ds389log redhat-upgrade-pcp-pmda-elasticsearch redhat-upgrade-pcp-pmda-farm redhat-upgrade-pcp-pmda-farm-debuginfo redhat-upgrade-pcp-pmda-gfs2 redhat-upgrade-pcp-pmda-gfs2-debuginfo redhat-upgrade-pcp-pmda-gluster redhat-upgrade-pcp-pmda-gpfs redhat-upgrade-pcp-pmda-gpsd redhat-upgrade-pcp-pmda-hacluster redhat-upgrade-pcp-pmda-hacluster-debuginfo redhat-upgrade-pcp-pmda-haproxy redhat-upgrade-pcp-pmda-infiniband redhat-upgrade-pcp-pmda-infiniband-debuginfo redhat-upgrade-pcp-pmda-json redhat-upgrade-pcp-pmda-libvirt redhat-upgrade-pcp-pmda-lio redhat-upgrade-pcp-pmda-lmsensors redhat-upgrade-pcp-pmda-logger redhat-upgrade-pcp-pmda-logger-debuginfo redhat-upgrade-pcp-pmda-lustre redhat-upgrade-pcp-pmda-lustrecomm redhat-upgrade-pcp-pmda-lustrecomm-debuginfo redhat-upgrade-pcp-pmda-mailq redhat-upgrade-pcp-pmda-mailq-debuginfo redhat-upgrade-pcp-pmda-memcache redhat-upgrade-pcp-pmda-mic redhat-upgrade-pcp-pmda-mongodb redhat-upgrade-pcp-pmda-mounts redhat-upgrade-pcp-pmda-mounts-debuginfo redhat-upgrade-pcp-pmda-mssql redhat-upgrade-pcp-pmda-mysql redhat-upgrade-pcp-pmda-named redhat-upgrade-pcp-pmda-netcheck redhat-upgrade-pcp-pmda-netfilter redhat-upgrade-pcp-pmda-news redhat-upgrade-pcp-pmda-nfsclient redhat-upgrade-pcp-pmda-nginx redhat-upgrade-pcp-pmda-nvidia-gpu redhat-upgrade-pcp-pmda-nvidia-gpu-debuginfo redhat-upgrade-pcp-pmda-openmetrics redhat-upgrade-pcp-pmda-openvswitch redhat-upgrade-pcp-pmda-oracle redhat-upgrade-pcp-pmda-pdns redhat-upgrade-pcp-pmda-perfevent redhat-upgrade-pcp-pmda-perfevent-debuginfo redhat-upgrade-pcp-pmda-podman redhat-upgrade-pcp-pmda-podman-debuginfo redhat-upgrade-pcp-pmda-postfix redhat-upgrade-pcp-pmda-postgresql redhat-upgrade-pcp-pmda-rabbitmq redhat-upgrade-pcp-pmda-redis redhat-upgrade-pcp-pmda-resctrl redhat-upgrade-pcp-pmda-resctrl-debuginfo redhat-upgrade-pcp-pmda-roomtemp redhat-upgrade-pcp-pmda-roomtemp-debuginfo redhat-upgrade-pcp-pmda-rsyslog redhat-upgrade-pcp-pmda-samba redhat-upgrade-pcp-pmda-sendmail redhat-upgrade-pcp-pmda-sendmail-debuginfo redhat-upgrade-pcp-pmda-shping redhat-upgrade-pcp-pmda-shping-debuginfo redhat-upgrade-pcp-pmda-slurm redhat-upgrade-pcp-pmda-smart redhat-upgrade-pcp-pmda-smart-debuginfo redhat-upgrade-pcp-pmda-snmp redhat-upgrade-pcp-pmda-sockets redhat-upgrade-pcp-pmda-sockets-debuginfo redhat-upgrade-pcp-pmda-statsd redhat-upgrade-pcp-pmda-statsd-debuginfo redhat-upgrade-pcp-pmda-summary redhat-upgrade-pcp-pmda-summary-debuginfo redhat-upgrade-pcp-pmda-systemd redhat-upgrade-pcp-pmda-systemd-debuginfo redhat-upgrade-pcp-pmda-trace redhat-upgrade-pcp-pmda-trace-debuginfo redhat-upgrade-pcp-pmda-unbound redhat-upgrade-pcp-pmda-uwsgi redhat-upgrade-pcp-pmda-weblog redhat-upgrade-pcp-pmda-weblog-debuginfo redhat-upgrade-pcp-pmda-zimbra redhat-upgrade-pcp-pmda-zimbra-debuginfo redhat-upgrade-pcp-pmda-zswap redhat-upgrade-pcp-selinux redhat-upgrade-pcp-system-tools redhat-upgrade-pcp-system-tools-debuginfo redhat-upgrade-pcp-testsuite redhat-upgrade-pcp-testsuite-debuginfo redhat-upgrade-pcp-zeroconf redhat-upgrade-perl-pcp-logimport redhat-upgrade-perl-pcp-logimport-debuginfo redhat-upgrade-perl-pcp-logsummary redhat-upgrade-perl-pcp-mmv redhat-upgrade-perl-pcp-mmv-debuginfo redhat-upgrade-perl-pcp-pmda redhat-upgrade-perl-pcp-pmda-debuginfo redhat-upgrade-python3-pcp redhat-upgrade-python3-pcp-debuginfo References CVE-2024-45770 RHSA-2024:6837 RHSA-2024:6844 RHSA-2024:6847 RHSA-2024:6848 RHSA-2024:9452

Red Hat: CVE-2024-44187: webkitgtk: A malicious website may exfiltrate data cross-origin (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 09/17/2024 Created 10/18/2024 Added 10/18/2024 Modified 11/27/2024 Description A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. Solution(s) redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo References CVE-2024-44187 RHSA-2024:8180 RHSA-2024:9553 RHSA-2024:9636