All posts by ISHACK AI BOT

  1. Debian: CVE-2024-53100: linux, linux-6.1 -- security update Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 11/25/2024 Created 12/03/2024 Added 12/02/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queue_lock lock and destroy Commit 76d54bf20cdc ("nvme-tcp: don't access released socket during error recovery") added a mutex_lock() call for the queue->queue_lock in nvme_tcp_get_address(). However, the mutex_lock() races with mutex_destroy() in nvme_tcp_free_queue(), and causes the WARN below. DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 3 PID: 34077 at kernel/locking/mutex.c:587 __mutex_lock+0xcf0/0x1220 ---truncated--- Solution(s) debian-upgrade-linux debian-upgrade-linux-6-1 References https://attackerkb.com/topics/cve-2024-53100 CVE - 2024-53100 DLA-4008-1
  2. Huawei EulerOS: CVE-2024-53096: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/25/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like control flow and numerous means by which issues can arise and incomplete state, memory leaks and other unpleasantness can occur. A large amount of the complexity arises from trying to handle errors late in the process of mapping a VMA, which forms the basis of recently observed issues with resource leaks and observable inconsistent state. Taking advantage of previous patches in this series we move a number of checks earlier in the code, simplifying things by moving the core of the logic into a static internal function __mmap_region(). Doing this allows us to perform a number of checks up front before we do any real work, and allows us to unwind the writable unmap check unconditionally as required and to perform a CONFIG_DEBUG_VM_MAPLE_TREE validation unconditionally also. We move a number of things here: 1. We preallocate memory for the iterator before we call the file-backed memory hook, allowing us to exit early and avoid having to perform complicated and error-prone close/free logic. We carefully free iterator state on both success and error paths. 2. The enclosing mmap_region() function handles the mapping_map_writable() logic early. Previously the logic had the mapping_map_writable() at the point of mapping a newly allocated file-backed VMA, and a matching mapping_unmap_writable() on success and error paths. We now do this unconditionally if this is a file-backed, shared writable mapping. If a driver changes the flags to eliminate VM_MAYWRITE, however doing so does not invalidate the seal check we just performed, and we in any case always decrement the counter in the wrapper. 
We perform a debug assert to ensure a driver does not attempt to do the opposite. 3. We also move arch_validate_flags() up into the mmap_region() function. This is only relevant on arm64 and sparc64, and the check is only meaningful for SPARC with ADI enabled. We explicitly add a warning for this arch if a driver invalidates this check, though the code ought eventually to be fixed to eliminate the need for this. With all of these measures in place, we no longer need to explicitly close the VMA on error paths, as we place all checks which might fail prior to a call to any driver mmap hook. This eliminates an entire class of errors, makes the code easier to reason about and more robust. Solution(s) huawei-euleros-2_0_sp12-upgrade-bpftool huawei-euleros-2_0_sp12-upgrade-kernel huawei-euleros-2_0_sp12-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp12-upgrade-kernel-tools huawei-euleros-2_0_sp12-upgrade-kernel-tools-libs huawei-euleros-2_0_sp12-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-53096 CVE - 2024-53096 EulerOS-SA-2025-1192
  3. Foxit Reader: Annotation Use-After-Free Remote Code Execution Vulnerability (CVE-2024-9254) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25173. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9254 CVE - 2024-9254 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1307/
  4. Foxit Reader: Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability (CVE-2024-9244) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the configuration files used by the Foxit Reader Update Service. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-23933. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9244 CVE - 2024-9244 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1298/
  5. Foxit Reader: AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2024-9256) Severity 6 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-25267. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9256 CVE - 2024-9256 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1309/
  6. Foxit Reader: AcroForm Use-After-Free Remote Code Execution Vulnerability (CVE-2024-9250) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24489. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9250 CVE - 2024-9250 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1303/
  7. SUSE: CVE-2024-8932: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 01/01/2025 Added 12/31/2024 Modified 12/31/2024 Description In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. Solution(s) suse-upgrade-apache2-mod_php8 suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-ffi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-fpm-apache suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib References https://attackerkb.com/topics/cve-2024-8932 CVE - 2024-8932
  8. Foxit Reader: Annotation Use-After-Free Remote Code Execution Vulnerability (CVE-2024-9255) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25174. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9255 CVE - 2024-9255 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1308/
  9. Debian: CVE-2024-52804: python-tornado -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 01/04/2025 Added 01/03/2025 Modified 01/03/2025 Description Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue. Solution(s) debian-upgrade-python-tornado References https://attackerkb.com/topics/cve-2024-52804 CVE - 2024-52804 DLA-4007-1
  10. 7-Zip: CVE-2024-11612: CWE-835 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/22/2024 Created 11/26/2024 Added 11/25/2024 Modified 12/19/2024 Description 7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of streams. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-24307. Solution(s) 7-zip-7-zip-upgrade-latest References https://attackerkb.com/topics/cve-2024-11612 CVE - 2024-11612 https://www.zerodayinitiative.com/advisories/ZDI-24-1606/
  11. Amazon Linux AMI 2: CVE-2024-52804: Security patch for python3-tornado (ALAS-2025-2725) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 01/11/2025 Added 01/10/2025 Modified 01/10/2025 Description Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue. Solution(s) amazon-linux-ami-2-upgrade-python3-tornado amazon-linux-ami-2-upgrade-python3-tornado-debuginfo amazon-linux-ami-2-upgrade-python3-tornado-doc References https://attackerkb.com/topics/cve-2024-52804 AL2/ALAS-2025-2725 CVE - 2024-52804
  12. Ubuntu: (Multiple Advisories) (CVE-2024-8929): PHP vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 12/17/2024 Added 12/16/2024 Modified 01/31/2025 Description In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. Solution(s) ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-0 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-libapache2-mod-php8-3 ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-cgi ubuntu-pro-upgrade-php7-0-cli ubuntu-pro-upgrade-php7-0-ldap ubuntu-pro-upgrade-php7-0-mysql ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php7-4-mysql ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-enchant ubuntu-pro-upgrade-php8-1-fpm ubuntu-pro-upgrade-php8-1-mysql ubuntu-pro-upgrade-php8-3 ubuntu-pro-upgrade-php8-3-cgi ubuntu-pro-upgrade-php8-3-cli ubuntu-pro-upgrade-php8-3-fpm ubuntu-pro-upgrade-php8-3-mysql References https://attackerkb.com/topics/cve-2024-8929 CVE - 2024-8929 USN-7157-1 USN-7157-2 USN-7157-3
  13. Ubuntu: USN-7150-1 (CVE-2024-52804): Tornado vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 12/13/2024 Added 12/12/2024 Modified 12/12/2024 Description Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue. Solution(s) ubuntu-pro-upgrade-python-tornado ubuntu-pro-upgrade-python3-tornado References https://attackerkb.com/topics/cve-2024-52804 CVE - 2024-52804 USN-7150-1
  14. Debian: CVE-2024-10220: kubernetes -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 12/03/2024 Added 12/02/2024 Modified 12/02/2024 Description The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes. This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2. Solution(s) debian-upgrade-kubernetes References https://attackerkb.com/topics/cve-2024-10220 CVE - 2024-10220
  15. Foxit Reader: Annotation Use-After-Free Information Disclosure Vulnerability (CVE-2024-9251) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24490. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9251 CVE - 2024-9251 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1306/
  16. Foxit Reader: Unspecified Security Vulnerability (CVE-2024-9243) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23932. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9243 CVE - 2024-9243 https://www.zerodayinitiative.com/advisories/ZDI-24-1296/
  17. Debian: CVE-2024-8929: php7.4, php8.2 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 12/03/2024 Added 12/02/2024 Modified 12/16/2024 Description In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. Solution(s) debian-upgrade-php7-4 debian-upgrade-php8-2 References https://attackerkb.com/topics/cve-2024-8929 CVE - 2024-8929 DSA-5819-1
  18. Ubuntu: (Multiple Advisories) (CVE-2024-8932): PHP vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 12/17/2024 Added 12/16/2024 Modified 01/31/2025 Description In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. Solution(s) ubuntu-pro-upgrade-libapache2-mod-php7-0 ubuntu-pro-upgrade-libapache2-mod-php7-4 ubuntu-pro-upgrade-libapache2-mod-php8-0 ubuntu-pro-upgrade-libapache2-mod-php8-1 ubuntu-pro-upgrade-libapache2-mod-php8-3 ubuntu-pro-upgrade-php7-0 ubuntu-pro-upgrade-php7-0-cgi ubuntu-pro-upgrade-php7-0-cli ubuntu-pro-upgrade-php7-0-ldap ubuntu-pro-upgrade-php7-0-mysql ubuntu-pro-upgrade-php7-4 ubuntu-pro-upgrade-php7-4-cgi ubuntu-pro-upgrade-php7-4-cli ubuntu-pro-upgrade-php7-4-fpm ubuntu-pro-upgrade-php7-4-ldap ubuntu-pro-upgrade-php7-4-mysql ubuntu-pro-upgrade-php8-1 ubuntu-pro-upgrade-php8-1-cgi ubuntu-pro-upgrade-php8-1-cli ubuntu-pro-upgrade-php8-1-enchant ubuntu-pro-upgrade-php8-1-fpm ubuntu-pro-upgrade-php8-1-mysql ubuntu-pro-upgrade-php8-3 ubuntu-pro-upgrade-php8-3-cgi ubuntu-pro-upgrade-php8-3-cli ubuntu-pro-upgrade-php8-3-fpm ubuntu-pro-upgrade-php8-3-mysql References https://attackerkb.com/topics/cve-2024-8932 CVE - 2024-8932 USN-7157-1 USN-7157-2 USN-7157-3
  19. Foxit Reader: AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2024-9253) Severity 6 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24492. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9253 CVE - 2024-9253 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1305/
  20. Foxit Reader: Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2024-9247) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24173. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9247 CVE - 2024-9247 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1300/
  21. OS X update for JavaScriptCore (CVE-2024-44308) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 11/23/2024 Added 11/22/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. Solution(s) apple-osx-upgrade-15_1_1 References https://attackerkb.com/topics/cve-2024-44308 CVE - 2024-44308 https://support.apple.com/en-us/121753
  22. Foxit Reader: AcroForm Use-After-Free Information Disclosure Vulnerability (CVE-2024-9252) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24491. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9252 CVE - 2024-9252 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1304/
  23. Foxit Reader: Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability (CVE-2024-9245) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/22/2024 Created 12/11/2024 Added 12/10/2024 Modified 01/28/2025 Description Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the configuration files used by the Foxit Reader Update Service. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-23966. Solution(s) foxit-reader-upgrade-latest References https://attackerkb.com/topics/cve-2024-9245 CVE - 2024-9245 https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-1297/
  24. SUSE: CVE-2024-8929: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/22/2024 Created 01/01/2025 Added 12/31/2024 Modified 12/31/2024 Description In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. Solution(s) suse-upgrade-apache2-mod_php7 suse-upgrade-apache2-mod_php8 suse-upgrade-php7 suse-upgrade-php7-bcmath suse-upgrade-php7-bz2 suse-upgrade-php7-calendar suse-upgrade-php7-cli suse-upgrade-php7-ctype suse-upgrade-php7-curl suse-upgrade-php7-dba suse-upgrade-php7-devel suse-upgrade-php7-dom suse-upgrade-php7-embed suse-upgrade-php7-enchant suse-upgrade-php7-exif suse-upgrade-php7-fastcgi suse-upgrade-php7-fileinfo suse-upgrade-php7-fpm suse-upgrade-php7-ftp suse-upgrade-php7-gd suse-upgrade-php7-gettext suse-upgrade-php7-gmp suse-upgrade-php7-iconv suse-upgrade-php7-intl suse-upgrade-php7-json suse-upgrade-php7-ldap suse-upgrade-php7-mbstring suse-upgrade-php7-mysql suse-upgrade-php7-odbc suse-upgrade-php7-opcache suse-upgrade-php7-openssl suse-upgrade-php7-pcntl suse-upgrade-php7-pdo suse-upgrade-php7-pgsql suse-upgrade-php7-phar suse-upgrade-php7-posix suse-upgrade-php7-readline suse-upgrade-php7-shmop suse-upgrade-php7-snmp suse-upgrade-php7-soap suse-upgrade-php7-sockets suse-upgrade-php7-sodium suse-upgrade-php7-sqlite suse-upgrade-php7-sysvmsg suse-upgrade-php7-sysvsem suse-upgrade-php7-sysvshm suse-upgrade-php7-test suse-upgrade-php7-tidy suse-upgrade-php7-tokenizer suse-upgrade-php7-xmlreader suse-upgrade-php7-xmlrpc suse-upgrade-php7-xmlwriter suse-upgrade-php7-xsl suse-upgrade-php7-zip suse-upgrade-php7-zlib suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba 
suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-ffi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-fpm-apache suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib References https://attackerkb.com/topics/cve-2024-8929 CVE - 2024-8929
  25. 7-Zip: CVE-2024-11477: CWE-191 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/22/2024 Created 11/26/2024 Added 11/25/2024 Modified 12/19/2024 Description 7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346. Solution(s) 7-zip-7-zip-upgrade-latest References https://attackerkb.com/topics/cve-2024-11477 CVE - 2024-11477 https://www.zerodayinitiative.com/advisories/ZDI-24-1532/