ISHACK AI BOT

OS X update for IOMobileFrameBuffer (CVE-2024-54506) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.2. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54506 CVE - 2024-54506 https://support.apple.com/en-us/121839

OS X update for PackageKit (CVE-2024-54476) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 12/13/2024 Created 12/13/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54476 CVE - 2024-54476 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842

OS X update for AppleGraphicsControl (CVE-2024-44220) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 12/13/2024 Created 12/13/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination. Solution(s) apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-44220 CVE - 2024-44220 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840

OS X update for SceneKit (CVE-2024-54501) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 12/13/2024 Created 12/13/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted file may lead to a denial of service. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54501 CVE - 2024-54501 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842

OS X update for WebKit (CVE-2024-54505) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54505 CVE - 2024-54505 https://support.apple.com/en-us/121839

OS X update for WebKit (CVE-2024-54508) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54508 CVE - 2024-54508 https://support.apple.com/en-us/121839

OS X update for StorageKit (CVE-2024-44243) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/30/2025 Description A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2. An app may be able to modify protected parts of the file system. Solution(s) apple-osx-upgrade-14_7_3 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-44243 CVE - 2024-44243 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/122069

OS X update for LaunchServices (CVE-2024-54465) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2. An app may be able to elevate privileges. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54465 CVE - 2024-54465 https://support.apple.com/en-us/121839

OS X update for AppleMobileFileIntegrity (CVE-2024-54490) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/30/2025 Description This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2. A local attacker may gain access to user's Keychain items. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54490 CVE - 2024-54490 https://support.apple.com/en-us/121839

OS X update for Shortcuts (CVE-2024-54493) Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:P/A:N) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.2. Privacy indicators for microphone access may be attributed incorrectly. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54493 CVE - 2024-54493 https://support.apple.com/en-us/121839

OS X update for MediaRemote (CVE-2024-54484) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54484 CVE - 2024-54484 https://support.apple.com/en-us/121839

OS X update for Safari (CVE-2024-44246) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-44246 CVE - 2024-44246 https://support.apple.com/en-us/121839

Debian: CVE-2024-47774: gst-plugins-good1.0 -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 12/12/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_avi_subtitle_parse_gab2_chunk function within gstavisubtitle.c. The function reads the name_length value directly from the input file without checking it properly. Then, the a condition, does not properly handle cases where name_length is greater than 0xFFFFFFFF - 17, causing an integer overflow. In such scenario, the function attempts to access memory beyond the buffer leading to an OOB-read. This vulnerability is fixed in 1.24.10. Solution(s) debian-upgrade-gst-plugins-good1-0 References https://attackerkb.com/topics/cve-2024-47774 CVE - 2024-47774 DSA-5838-1

Amazon Linux AMI 2: CVE-2024-47615: Security patch for gstreamer1-plugins-base (ALAS-2025-2747) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/12/2024 Created 02/05/2025 Added 02/05/2025 Modified 02/05/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed the fixed size of the pad->vorbis_mode_sizes array (which size is 256). When this happens, the for loop overwrites the entire pad structure with 0s and 1s, affecting adjacent memory as well. This OOB-write can overwrite up to 380 bytes of memory beyond the boundaries of the pad->vorbis_mode_sizes array. This vulnerability is fixed in 1.24.10. Solution(s) amazon-linux-ami-2-upgrade-gstreamer1-plugins-base amazon-linux-ami-2-upgrade-gstreamer1-plugins-base-debuginfo amazon-linux-ami-2-upgrade-gstreamer1-plugins-base-devel amazon-linux-ami-2-upgrade-gstreamer1-plugins-base-tools References https://attackerkb.com/topics/cve-2024-47615 AL2/ALAS-2025-2747 CVE - 2024-47615

OS X update for Disk Utility (CVE-2024-54489) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 12/12/2024 Created 12/13/2024 Added 12/12/2024 Modified 01/28/2025 Description A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Running a mount command may unexpectedly execute arbitrary code. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54489 CVE - 2024-54489 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842

OS X update for Crash Reporter (CVE-2024-44300) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 12/12/2024 Created 12/13/2024 Added 12/12/2024 Modified 01/28/2025 Description A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access protected user data. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-44300 CVE - 2024-44300 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842

Apache Struts: S2-067 (CVE-2024-53677): Security updates available for Apache Struts Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/12/2024 Created 12/13/2024 Added 12/12/2024 Modified 12/23/2024 Description File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: from 2.0.0 before 6.4.0. Users are recommended to upgrade to version 6.4.0 at least and migrate to the newfile upload mechanism https://struts.apache.org/core-developers/file-upload . If you are not using an old file upload logic based on FileuploadInterceptor your application is safe. You can find more details in https://cwiki.apache.org/confluence/display/WW/S2-067 Solution(s) apache-struts-upgrade-6_4_0 References https://attackerkb.com/topics/cve-2024-53677 CVE - 2024-53677 https://cwiki.apache.org/confluence/display/WW/S2-067

Debian: CVE-2024-47546: gst-plugins-good1.0 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the subtraction atom_length - 8 may result in an underflow if atom_length is less than 8. When that subtraction underflows, *cclen ends up being a large number, and then cclen is passed to g_memdup2 leading to an out-of-bounds (OOB) read. This vulnerability is fixed in 1.24.10. Solution(s) debian-upgrade-gst-plugins-good1-0 References https://attackerkb.com/topics/cve-2024-47546 CVE - 2024-47546 DSA-5838-1

Ubuntu: USN-7176-1 (CVE-2024-47776): GStreamer Good Plugins vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparisonif (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10. Solution(s) ubuntu-upgrade-gstreamer1-0-gtk3 ubuntu-upgrade-gstreamer1-0-plugins-good ubuntu-upgrade-gstreamer1-0-pulseaudio ubuntu-upgrade-gstreamer1-0-qt5 ubuntu-upgrade-gstreamer1-0-qt6 ubuntu-upgrade-libgstreamer-plugins-good1-0-0 References https://attackerkb.com/topics/cve-2024-47776 CVE - 2024-47776 USN-7176-1

Ubuntu: USN-7176-1 (CVE-2024-47544): GStreamer Good Plugins vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. The function qtdemux_parse_sbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10. Solution(s) ubuntu-upgrade-gstreamer1-0-gtk3 ubuntu-upgrade-gstreamer1-0-plugins-good ubuntu-upgrade-gstreamer1-0-pulseaudio ubuntu-upgrade-gstreamer1-0-qt5 ubuntu-upgrade-gstreamer1-0-qt6 ubuntu-upgrade-libgstreamer-plugins-good1-0-0 References https://attackerkb.com/topics/cve-2024-47544 CVE - 2024-47544 USN-7176-1

Alma Linux: CVE-2024-47538: Important: gstreamer1-plugins-base security update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels exceeds 64, the for loop will write beyond the boundaries of the position array. The value written will always be `GST_AUDIO_CHANNEL_POSITION_NONE`. This vulnerability allows someone to overwrite the EIP address allocated in the stack. Additionally, this bug can overwrite the `GstAudioInfo` info structure. This vulnerability is fixed in 1.24.10. Solution(s) alma-upgrade-gstreamer1-plugins-base alma-upgrade-gstreamer1-plugins-base-devel alma-upgrade-gstreamer1-plugins-base-tools References https://attackerkb.com/topics/cve-2024-47538 CVE - 2024-47538 https://errata.almalinux.org/8/ALSA-2024-11345.html https://errata.almalinux.org/9/ALSA-2024-11123.html

OS X update for Sandbox (CVE-2024-44219) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/12/2024 Created 12/13/2024 Added 12/12/2024 Modified 12/12/2024 Description A permissions issue was addressed with additional restrictions. Solution(s) apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44219 CVE - 2024-44219 https://support.apple.com/en-us/121564

Ubuntu: USN-7175-1 (CVE-2024-47541): GStreamer Base Plugins vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/30/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha) style override codes, which are enclosed in curly brackets ({}). The issue arises when a closing curly bracket "}" appears before an opening curly bracket "{" in the input string. In this case, memmove() incorrectly duplicates a substring. With each successive loop iteration, the size passed to memmove() becomes progressively larger (strlen(end+1)), leading to a write beyond the allocated memory bounds. This vulnerability is fixed in 1.24.10. Solution(s) ubuntu-upgrade-gstreamer1-0-alsa ubuntu-upgrade-gstreamer1-0-gl ubuntu-upgrade-gstreamer1-0-plugins-base ubuntu-upgrade-gstreamer1-0-plugins-base-apps ubuntu-upgrade-gstreamer1-0-plugins-base-doc ubuntu-upgrade-gstreamer1-0-x ubuntu-upgrade-libgstreamer-gl1-0-0 ubuntu-upgrade-libgstreamer-plugins-base1-0-0 References https://attackerkb.com/topics/cve-2024-47541 CVE - 2024-47541 USN-7175-1

OS X update for Screen Sharing Server (CVE-2024-44248) Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 12/12/2024 Created 12/13/2024 Added 12/12/2024 Modified 01/30/2025 Description This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A user with screen sharing access may be able to view another user's screen. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44248 CVE - 2024-44248 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842

Ubuntu: USN-7176-1 (CVE-2024-47546): GStreamer Good Plugins vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the subtraction atom_length - 8 may result in an underflow if atom_length is less than 8. When that subtraction underflows, *cclen ends up being a large number, and then cclen is passed to g_memdup2 leading to an out-of-bounds (OOB) read. This vulnerability is fixed in 1.24.10. Solution(s) ubuntu-upgrade-gstreamer1-0-gtk3 ubuntu-upgrade-gstreamer1-0-plugins-good ubuntu-upgrade-gstreamer1-0-pulseaudio ubuntu-upgrade-gstreamer1-0-qt5 ubuntu-upgrade-gstreamer1-0-qt6 ubuntu-upgrade-libgstreamer-plugins-good1-0-0 References https://attackerkb.com/topics/cve-2024-47546 CVE - 2024-47546 USN-7176-1