ISHACK AI BOT

OS X update for Intel Graphics Driver (CVE-2024-44161) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44161 CVE - 2024-44161 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

OS X update for Intel Graphics Driver (CVE-2024-44160) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44160 CVE - 2024-44160 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

Rocky Linux: CVE-2024-8900: firefox (RLSA-2024-7700) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/17/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/30/2025 Description An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource References https://attackerkb.com/topics/cve-2024-8900 CVE - 2024-8900 https://errata.rockylinux.org/RLSA-2024:7700

OS X update for XProtect (CVE-2024-40842) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-40842 CVE - 2024-40842 https://support.apple.com/en-us/121238

Rocky Linux: CVE-2024-44187: webkit2gtk3 (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 09/17/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/30/2025 Description A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. Solution(s) rocky-upgrade-webkit2gtk3 rocky-upgrade-webkit2gtk3-debuginfo rocky-upgrade-webkit2gtk3-debugsource rocky-upgrade-webkit2gtk3-devel rocky-upgrade-webkit2gtk3-devel-debuginfo rocky-upgrade-webkit2gtk3-jsc rocky-upgrade-webkit2gtk3-jsc-debuginfo rocky-upgrade-webkit2gtk3-jsc-devel rocky-upgrade-webkit2gtk3-jsc-devel-debuginfo References https://attackerkb.com/topics/cve-2024-44187 CVE - 2024-44187 https://errata.rockylinux.org/RLSA-2024:8180 https://errata.rockylinux.org/RLSA-2024:9636

OS X update for Wi-Fi (CVE-2024-44134) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44134 CVE - 2024-44134 https://support.apple.com/en-us/121238

OS X update for Wi-Fi (CVE-2024-40770) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-40770 CVE - 2024-40770 https://support.apple.com/en-us/121238

Debian: CVE-2024-8908: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/17/2024 Created 09/24/2024 Added 09/23/2024 Modified 01/28/2025 Description Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-8908 CVE - 2024-8908 DSA-5773-1

OS X update for Notes (CVE-2024-44167) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44167 CVE - 2024-44167 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

OS X update for WindowServer (CVE-2024-44189) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent. Solution(s) apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44189 CVE - 2024-44189 https://support.apple.com/en-us/121238

Aruba AOS-8: CVE-2024-42502: Authenticated Remote Command Execution (RCE) Vulnerability in the AOS Command Line Interface Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 09/17/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Authenticated command injection vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability result in the ability to inject shell commands on the underlying operating system. Solution(s) aruba-aos-8-cve-2024-42502 References https://attackerkb.com/topics/cve-2024-42502 CVE - 2024-42502 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04709.json

OS X update for AppleGraphicsControl (CVE-2024-40846) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination. Solution(s) apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-40846 CVE - 2024-40846 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

OS X update for Kernel (CVE-2024-44165) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Network traffic may leak outside a VPN tunnel. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44165 CVE - 2024-44165 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

OS X update for AppleMobileFileIntegrity (CVE-2024-40847) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access sensitive user data. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-40847 CVE - 2024-40847 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

Oracle Linux: CVE-2024-8900: ELSA-2024-7700:firefox security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/17/2024 Created 11/13/2024 Added 10/16/2024 Modified 01/07/2025 Description An attacker could write data to the user&apos;s clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox &lt; 129, Firefox ESR &lt; 128.3, and Thunderbird &lt; 128.3. The Mozilla Foundation&apos;s Security Advisory: An attacker could write data to the user&apos;s clipboard, bypassing the user prompt, during a certain sequence of navigational events. Solution(s) oracle-linux-upgrade-firefox References https://attackerkb.com/topics/cve-2024-8900 CVE - 2024-8900 ELSA-2024-7700 ELSA-2024-7702

OS X update for Compression (CVE-2024-27876) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-27876 CVE - 2024-27876 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

OS X update for ImageIO (CVE-2024-44176) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 09/17/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing an image may lead to a denial-of-service. Solution(s) apple-osx-upgrade-13_7 apple-osx-upgrade-14_7 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44176 CVE - 2024-44176 https://support.apple.com/en-us/121234 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121247

FreeBSD: VID-BD940ABA-7467-11EF-A5C4-08002784C58D (CVE-2024-45800): SnappyMail -- multiple mXSS in HTML sanitizer Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/16/2024 Created 09/18/2024 Added 09/18/2024 Modified 09/18/2024 Description Snappymail is an open source web-based email client. SnappyMail uses the `cleanHtml()` function to cleanup HTML and CSS in emails. Research discovered that the function has a few bugs which cause an mXSS exploit. Because the function allowed too many (invalid) HTML elements, it was possible (with incorrect markup) to trick the browser to "fix" the broken markup into valid markup. As a result a motivated attacker may be able to inject javascript. However, due to the default Content Security Policy the impact of the exploit is minimal. It could be possible to create an attack which leaks some data when loading images through the proxy. This way it might be possible to use the proxy to attack the local system, like with `http://localhost:5000/leak`. Another attack could be to load a JavaScript attachment of the email. This is very tricky as the email must link to every possible UID as each email has a unique UID which has a value between 1 and 18446744073709551615 **v2.38.0** and up now remove unsupported HTML elements which mitigates the issue. Users are advised to upgrade. Older versions can install an extension named "Security mXSS" as a mitigation. This will be available at the administration area at `/?admin#/packages`. **NOTE:** this extension can not "fix" malicious code in encrypted messages or (html) attachments as it can't manipulate the JavaScript code for this. It only protects normal message HTML. Solution(s) freebsd-upgrade-package-snappymail-php81 freebsd-upgrade-package-snappymail-php82 freebsd-upgrade-package-snappymail-php83 freebsd-upgrade-package-snappymail-php84 References CVE-2024-45800

Alpine Linux: CVE-2024-24968: Vulnerability in Multiple Components Severity 4 CVSS (AV:L/AC:M/Au:M/C:N/I:N/A:C) Published 09/16/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/02/2024 Description Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. Solution(s) alpine-linux-upgrade-intel-ucode References https://attackerkb.com/topics/cve-2024-24968 CVE - 2024-24968 https://security.alpinelinux.org/vuln/CVE-2024-24968

Alma Linux: CVE-2024-43398: Moderate: ruby:3.3 security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/16/2024 Created 09/18/2024 Added 09/18/2024 Modified 09/23/2024 Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability. Solution(s) alma-upgrade-pcs alma-upgrade-pcs-snmp alma-upgrade-ruby alma-upgrade-ruby-bundled-gems alma-upgrade-ruby-default-gems alma-upgrade-ruby-devel alma-upgrade-ruby-doc alma-upgrade-ruby-libs alma-upgrade-rubygem-abrt alma-upgrade-rubygem-abrt-doc alma-upgrade-rubygem-bigdecimal alma-upgrade-rubygem-bundler alma-upgrade-rubygem-io-console alma-upgrade-rubygem-irb alma-upgrade-rubygem-json alma-upgrade-rubygem-minitest alma-upgrade-rubygem-mysql2 alma-upgrade-rubygem-mysql2-doc alma-upgrade-rubygem-pg alma-upgrade-rubygem-pg-doc alma-upgrade-rubygem-power_assert alma-upgrade-rubygem-psych alma-upgrade-rubygem-racc alma-upgrade-rubygem-rake alma-upgrade-rubygem-rbs alma-upgrade-rubygem-rdoc alma-upgrade-rubygem-rexml alma-upgrade-rubygem-rss alma-upgrade-rubygem-test-unit alma-upgrade-rubygem-typeprof alma-upgrade-rubygems alma-upgrade-rubygems-devel References https://attackerkb.com/topics/cve-2024-43398 CVE - 2024-43398 https://errata.almalinux.org/8/ALSA-2024-6670.html https://errata.almalinux.org/8/ALSA-2024-6784.html https://errata.almalinux.org/9/ALSA-2024-6785.html

Alpine Linux: CVE-2024-23984: Observable Discrepancy Severity 4 CVSS (AV:L/AC:M/Au:M/C:C/I:N/A:N) Published 09/16/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/02/2024 Description Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Solution(s) alpine-linux-upgrade-intel-ucode References https://attackerkb.com/topics/cve-2024-23984 CVE - 2024-23984 https://security.alpinelinux.org/vuln/CVE-2024-23984

Amazon Linux 2023: CVE-2024-24968: Important priority package update for microcode_ctl Severity 4 CVSS (AV:L/AC:H/Au:M/C:N/I:N/A:C) Published 09/16/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. A flaw was found in intel Processors. Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to enable a denial of service via local access. Solution(s) amazon-linux-2023-upgrade-microcode-ctl References https://attackerkb.com/topics/cve-2024-24968 CVE - 2024-24968 https://alas.aws.amazon.com/AL2023/ALAS-2024-748.html

JetBrains IntelliJ IDEA: CVE-2024-46970: HTML injection via the project name was possible (IJPL-8358) Severity 2 CVSS (AV:L/AC:L/Au:N/C:P/I:N/A:N) Published 09/16/2024 Created 01/31/2025 Added 01/29/2025 Modified 02/05/2025 Description In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible Solution(s) jetbrains-intellij-idea-upgrade-latest References https://attackerkb.com/topics/cve-2024-46970 CVE - 2024-46970 https://www.jetbrains.com/privacy-security/issues-fixed/

Amazon Linux AMI 2: CVE-2024-23984: Security patch for microcode_ctl (ALAS-2024-2682) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/16/2024 Created 11/05/2024 Added 11/04/2024 Modified 11/04/2024 Description Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2024-23984 AL2/ALAS-2024-2682 CVE - 2024-23984

Amazon Linux AMI 2: CVE-2024-24968: Security patch for microcode_ctl (ALAS-2024-2682) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/16/2024 Created 11/05/2024 Added 11/04/2024 Modified 11/04/2024 Description Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2024-24968 AL2/ALAS-2024-2682 CVE - 2024-24968