ISHACK AI BOT

OS X update for Apple Software Restore (CVE-2024-54477) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 12/12/2024 Created 12/13/2024 Added 12/12/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54477 CVE - 2024-54477 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842

Rocky Linux: CVE-2024-54479: webkit2gtk3 (RLSA-2025-0145) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. Solution(s) rocky-upgrade-webkit2gtk3 rocky-upgrade-webkit2gtk3-debuginfo rocky-upgrade-webkit2gtk3-debugsource rocky-upgrade-webkit2gtk3-devel rocky-upgrade-webkit2gtk3-devel-debuginfo rocky-upgrade-webkit2gtk3-jsc rocky-upgrade-webkit2gtk3-jsc-debuginfo rocky-upgrade-webkit2gtk3-jsc-devel rocky-upgrade-webkit2gtk3-jsc-devel-debuginfo References https://attackerkb.com/topics/cve-2024-54479 CVE - 2024-54479 https://errata.rockylinux.org/RLSA-2025:0145

Red Hat: CVE-2024-47606: gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/12/2024 Created 02/11/2025 Added 02/10/2025 Modified 02/10/2025 Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned) size, causing the overflow of the 'slice_size' variable. As a result, only 0x89 bytes are allocated, despite the large input size. When the following memcpy call occurs in gst_buffer_fill, the data from the input file will overwrite the content of the GstMapInfo info structure. Finally, during the call to gst_memory_unmap, the overwritten memory may cause a function pointer hijack, as the mem->allocator->mem_unmap_full function is called with a corrupted pointer. This function pointer overwrite could allow an attacker to alter the execution flow of the program, leading to arbitrary code execution. This vulnerability is fixed in 1.24.10. Solution(s) redhat-upgrade-gstreamer1-plugins-good redhat-upgrade-gstreamer1-plugins-good-debuginfo redhat-upgrade-gstreamer1-plugins-good-debugsource redhat-upgrade-gstreamer1-plugins-good-gtk redhat-upgrade-gstreamer1-plugins-good-gtk-debuginfo redhat-upgrade-gstreamer1-plugins-good-qt-debuginfo References CVE-2024-47606 RHSA-2024:11119 RHSA-2024:11121 RHSA-2024:11122 RHSA-2024:11299 RHSA-2024:11348

Alma Linux: CVE-2024-54505: Important: webkit2gtk3 security update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/12/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/28/2025 Description A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. Solution(s) alma-upgrade-webkit2gtk3 alma-upgrade-webkit2gtk3-devel alma-upgrade-webkit2gtk3-jsc alma-upgrade-webkit2gtk3-jsc-devel References https://attackerkb.com/topics/cve-2024-54505 CVE - 2024-54505 https://errata.almalinux.org/8/ALSA-2025-0145.html https://errata.almalinux.org/9/ALSA-2025-0146.html

Ubuntu: USN-7176-1 (CVE-2024-47778): GStreamer Good Plugins vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst_wavparse_adtl_chunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffer. As a result, an OOB read occurs in the following while loop. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10. Solution(s) ubuntu-upgrade-gstreamer1-0-gtk3 ubuntu-upgrade-gstreamer1-0-plugins-good ubuntu-upgrade-gstreamer1-0-pulseaudio ubuntu-upgrade-gstreamer1-0-qt5 ubuntu-upgrade-gstreamer1-0-qt6 ubuntu-upgrade-libgstreamer-plugins-good1-0-0 References https://attackerkb.com/topics/cve-2024-47778 CVE - 2024-47778 USN-7176-1

Debian: CVE-2024-12382: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/12/2024 Created 12/17/2024 Added 12/16/2024 Modified 01/28/2025 Description Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12382 CVE - 2024-12382 DSA-5829-1

Debian: CVE-2024-54505: webkit2gtk, wpewebkit -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/12/2024 Created 12/28/2024 Added 12/27/2024 Modified 01/28/2025 Description A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. Solution(s) debian-upgrade-webkit2gtk debian-upgrade-wpewebkit References https://attackerkb.com/topics/cve-2024-54505 CVE - 2024-54505 DSA-5835-1

Ubuntu: USN-7175-1 (CVE-2024-47542): GStreamer Base Plugins vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10. Solution(s) ubuntu-upgrade-gstreamer1-0-alsa ubuntu-upgrade-gstreamer1-0-gl ubuntu-upgrade-gstreamer1-0-plugins-base ubuntu-upgrade-gstreamer1-0-plugins-base-apps ubuntu-upgrade-gstreamer1-0-plugins-base-doc ubuntu-upgrade-gstreamer1-0-x ubuntu-upgrade-libgstreamer-gl1-0-0 ubuntu-upgrade-libgstreamer-plugins-base1-0-0 References https://attackerkb.com/topics/cve-2024-47542 CVE - 2024-47542 USN-7175-1

SUSE: CVE-2024-12382: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 12/12/2024 Created 01/10/2025 Added 01/09/2025 Modified 01/28/2025 Description Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12382 CVE - 2024-12382

Ubuntu: USN-7176-1 (CVE-2024-47545): GStreamer Good Plugins vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/12/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/28/2025 Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemux_parse_trak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happens, the subsequent call to gst_buffer_fill will invoke memcpy with a large tocopy size, resulting in an OOB-read. This vulnerability is fixed in 1.24.10. Solution(s) ubuntu-upgrade-gstreamer1-0-gtk3 ubuntu-upgrade-gstreamer1-0-plugins-good ubuntu-upgrade-gstreamer1-0-pulseaudio ubuntu-upgrade-gstreamer1-0-qt5 ubuntu-upgrade-gstreamer1-0-qt6 ubuntu-upgrade-libgstreamer-plugins-good1-0-0 References https://attackerkb.com/topics/cve-2024-47545 CVE - 2024-47545 USN-7176-1

VMware Photon OS: CVE-2024-47607 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components.stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within `gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will write beyond the boundaries of the pos array. The value written will always be GST_AUDIO_CHANNEL_POSITION_NONE. This bug allows to overwrite the EIP address allocated in the stack. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47607 CVE - 2024-47607

VMware Photon OS: CVE-2024-47777 Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is sufficient. If the buffer is too small, the function reads beyond its bounds. This vulnerability may result in reading 4 bytes out of the boundaries of the data buffer. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47777 CVE - 2024-47777

VMware Photon OS: CVE-2024-47539 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the storage array and the loop condition i * 2 < ccpair_size. Specifically, when ccpair_size is even, the allocated size in storage does not match the loop's expected bounds, resulting in an out-of-bounds write. This bug allows for the overwriting of up to 3 bytes beyond the allocated bounds of the storage array. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47539 CVE - 2024-47539

FreeBSD: VID-275AC414-B847-11EF-9877-2CF05DA270F3 (CVE-2024-12292): Gitlab -- Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/11/2024 Created 12/17/2024 Added 12/14/2024 Modified 12/14/2024 Description An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-12292

VMware Photon OS: CVE-2024-47615 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gst_parse_vorbis_setup_packet within vorbis_parse.c. The integer size is read from the input file without proper validation. As a result, size can exceed the fixed size of the pad->vorbis_mode_sizes array (which size is 256). When this happens, the for loop overwrites the entire pad structure with 0s and 1s, affecting adjacent memory as well. This OOB-write can overwrite up to 380 bytes of memory beyond the boundaries of the pad->vorbis_mode_sizes array. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47615 CVE - 2024-47615

VMware Photon OS: CVE-2024-47606 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned) size, causing the overflow of the 'slice_size' variable. As a result, only 0x89 bytes are allocated, despite the large input size. When the following memcpy call occurs in gst_buffer_fill, the data from the input file will overwrite the content of the GstMapInfo info structure. Finally, during the call to gst_memory_unmap, the overwritten memory may cause a function pointer hijack, as the mem->allocator->mem_unmap_full function is called with a corrupted pointer. This function pointer overwrite could allow an attacker to alter the execution flow of the program, leading to arbitrary code execution. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47606 CVE - 2024-47606

VMware Photon OS: CVE-2024-47596 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining size of the data buffer, it can lead to an OOB-read in the following call to gst_buffer_fill, which internally uses memcpy. This vulnerability can result in reading up to 4GB of process memory or potentially causing a segmentation fault (SEGV) when accessing invalid memory. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47596 CVE - 2024-47596

Oracle Linux: CVE-2024-47539: ELSA-2024-11122:gstreamer1-plugins-good security update (IMPORTANT) (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/11/2024 Created 12/18/2024 Added 12/16/2024 Modified 01/07/2025 Description GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the storage array and the loop condition i * 2 &lt; ccpair_size. Specifically, when ccpair_size is even, the allocated size in storage does not match the loop&apos;s expected bounds, resulting in an out-of-bounds write. This bug allows for the overwriting of up to 3 bytes beyond the allocated bounds of the storage array. This vulnerability is fixed in 1.24.10. Solution(s) oracle-linux-upgrade-gstreamer1-plugins-good oracle-linux-upgrade-gstreamer1-plugins-good-gtk References https://attackerkb.com/topics/cve-2024-47539 CVE - 2024-47539 ELSA-2024-11122 ELSA-2024-11299

Oracle MySQL Vulnerability: CVE-2024-11053 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/11/2024 Created 01/23/2025 Added 01/22/2025 Modified 01/22/2025 Description When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password. Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2024-11053 CVE - 2024-11053

VMware Photon OS: CVE-2024-47775 Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47775 CVE - 2024-47775

VMware Photon OS: CVE-2024-47776 Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparisonif (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47776 CVE - 2024-47776

Ubuntu: USN-7162-1 (CVE-2024-11053): curl vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/11/2024 Created 12/18/2024 Added 12/17/2024 Modified 12/17/2024 Description When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password. Solution(s) ubuntu-upgrade-curl ubuntu-upgrade-libcurl3-gnutls ubuntu-upgrade-libcurl3-nss ubuntu-upgrade-libcurl3t64-gnutls ubuntu-upgrade-libcurl4 ubuntu-upgrade-libcurl4t64 References https://attackerkb.com/topics/cve-2024-11053 CVE - 2024-11053 USN-7162-1

Oracle Linux: CVE-2024-47538: ELSA-2024-11123:gstreamer1-plugins-base security update (IMPORTANT) (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/11/2024 Created 12/18/2024 Added 12/16/2024 Modified 02/07/2025 Description GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbis_handle_identification_packet function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-&gt;vi.channels exceeds 64, the for loop will write beyond the boundaries of the position array The value written will always be GST_AUDIO_CHANNEL_POSITION_NONE. This vulnerability allows to overwrite the EIP address allocated in the stack. Additionally, this bug can overwrite the GstAudioInfo info structure. This vulnerability is fixed in 1.24.10. Solution(s) oracle-linux-upgrade-gstreamer1-plugins-base oracle-linux-upgrade-gstreamer1-plugins-base-devel oracle-linux-upgrade-gstreamer1-plugins-base-devel-docs oracle-linux-upgrade-gstreamer1-plugins-base-tools oracle-linux-upgrade-gstreamer1-plugins-good References https://attackerkb.com/topics/cve-2024-47538 CVE - 2024-47538 ELSA-2024-11123 ELSA-2024-11345 ELSA-2024-11344

VMware Photon OS: CVE-2024-47601 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_parse_blockgroup_or_simpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer *sub pointer before performing dereferences. As a result, null pointer dereferences may occur. This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47601 CVE - 2024-47601

VMware Photon OS: CVE-2024-47599 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/11/2024 Created 01/30/2025 Added 01/29/2025 Modified 02/04/2025 Description GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_jpeg_dec_negotiate function in gstjpegdec.c. This function does not check for a NULL return value from gst_video_decoder_set_output_state. When this happens, dereferences of the outstate pointer will lead to a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-47599 CVE - 2024-47599