ISHACK AI BOT

Alma Linux: CVE-2024-8385: Important: firefox security update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/24/2024 Added 09/23/2024 Modified 01/28/2025 Description A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-8385 CVE - 2024-8385 https://errata.almalinux.org/8/ALSA-2024-6682.html https://errata.almalinux.org/8/ALSA-2024-6684.html https://errata.almalinux.org/9/ALSA-2024-6681.html https://errata.almalinux.org/9/ALSA-2024-6683.html

Rocky Linux: CVE-2024-8387: thunderbird (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/18/2024 Added 09/17/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-8387 CVE - 2024-8387 https://errata.rockylinux.org/RLSA-2024:6681 https://errata.rockylinux.org/RLSA-2024:6682 https://errata.rockylinux.org/RLSA-2024:6683 https://errata.rockylinux.org/RLSA-2024:6684

FreeBSD: VID-7E079CE2-6B51-11EF-9A62-002590C1F29C (CVE-2024-43102): FreeBSD -- umtx Kernel panic or Use-After-Free Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/04/2024 Created 09/10/2024 Added 09/06/2024 Modified 01/28/2025 Description Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be freed too early. A malicious code exercizing the UMTX_SHM_DESTROY sub-request in parallel can panic the kernel or enable further Use-After-Free attacks, potentially including code execution or Capsicum sandbox escape. Solution(s) freebsd-upgrade-base-13_3-release-p6 freebsd-upgrade-base-14_0-release-p10 freebsd-upgrade-base-14_1-release-p4 References CVE-2024-43102

Ubuntu: (Multiple Advisories) (CVE-2024-8386): Firefox vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/03/2024 Created 09/07/2024 Added 09/06/2024 Modified 01/28/2025 Description If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2024-8386 CVE - 2024-8386 USN-6992-1 USN-6992-2

FreeBSD: VID-56D76414-6B50-11EF-9A62-002590C1F29C (CVE-2024-41928): FreeBSD -- bhyve(8) privileged guest escape via TPM device passthrough Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/04/2024 Created 09/10/2024 Added 09/06/2024 Modified 09/06/2024 Description Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. Solution(s) freebsd-upgrade-base-14_0-release-p10 freebsd-upgrade-base-14_1-release-p4 References CVE-2024-41928

Rocky Linux: CVE-2024-8382: thunderbird (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/18/2024 Added 09/17/2024 Modified 01/28/2025 Description Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-8382 CVE - 2024-8382 https://errata.rockylinux.org/RLSA-2024:6681 https://errata.rockylinux.org/RLSA-2024:6682 https://errata.rockylinux.org/RLSA-2024:6683 https://errata.rockylinux.org/RLSA-2024:6684

Rocky Linux: CVE-2024-44989: kernel-rt (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/04/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference We shouldn't set real_dev to NULL because packets can be in transit and xfrm might call xdo_dev_offload_ok() in parallel. All callbacks assume real_dev is set. Example trace: kernel: BUG: unable to handle page fault for address: 0000000000001030 kernel: bond0: (slave eni0np1): making interface the new active one kernel: #PF: supervisor write access in kernel mode kernel: #PF: error_code(0x0002) - not-present page kernel: PGD 0 P4D 0 kernel: Oops: 0002 [#1] PREEMPT SMP kernel: CPU: 4 PID: 2237 Comm: ping Not tainted 6.7.7+ #12 kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: Code: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 <83> 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f kernel: bond0: (slave eni0np1): making interface the new active one kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60 kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00 kernel: RBP: ffff9eb3c0a42000 R08: 0000000000000010 R09: 0000000000000014 kernel: R10: 7974203030303030 R11: 3030303030303030 R12: 0000000000000000 kernel: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000 kernel: FS:00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000 kernel: CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0 kernel: bond0: (slave eni0np1): making interface the new active one kernel: Call Trace: kernel:<TASK> kernel:? __die+0x1f/0x60 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel:? page_fault_oops+0x142/0x4c0 kernel:? do_user_addr_fault+0x65/0x670 kernel:? kvm_read_and_reset_apf_flags+0x3b/0x50 kernel: bond0: (slave eni0np1): making interface the new active one kernel:? exc_page_fault+0x7b/0x180 kernel:? asm_exc_page_fault+0x22/0x30 kernel:? nsim_bpf_uninit+0x50/0x50 [netdevsim] kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel:? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (slave eni0np1): making interface the new active one kernel:bond_ipsec_offload_ok+0x7b/0x90 [bonding] kernel:xfrm_output+0x61/0x3b0 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel:ip_push_pending_frames+0x56/0x80 Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-44989 CVE - 2024-44989 https://errata.rockylinux.org/RLSA-2024:8856 https://errata.rockylinux.org/RLSA-2024:8870

Alma Linux: CVE-2024-44989: Moderate: kernel security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 09/04/2024 Created 11/08/2024 Added 11/07/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference We shouldn't set real_dev to NULL because packets can be in transit and xfrm might call xdo_dev_offload_ok() in parallel. All callbacks assume real_dev is set. Example trace: kernel: BUG: unable to handle page fault for address: 0000000000001030 kernel: bond0: (slave eni0np1): making interface the new active one kernel: #PF: supervisor write access in kernel mode kernel: #PF: error_code(0x0002) - not-present page kernel: PGD 0 P4D 0 kernel: Oops: 0002 [#1] PREEMPT SMP kernel: CPU: 4 PID: 2237 Comm: ping Not tainted 6.7.7+ #12 kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: Code: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 <83> 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f kernel: bond0: (slave eni0np1): making interface the new active one kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel: kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60 kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00 kernel: RBP: ffff9eb3c0a42000 R08: 0000000000000010 R09: 0000000000000014 kernel: R10: 7974203030303030 R11: 3030303030303030 R12: 0000000000000000 kernel: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000 kernel: FS:00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000 kernel: CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0 kernel: bond0: (slave eni0np1): making interface the new active one kernel: Call Trace: kernel:<TASK> kernel:? __die+0x1f/0x60 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel:? page_fault_oops+0x142/0x4c0 kernel:? do_user_addr_fault+0x65/0x670 kernel:? kvm_read_and_reset_apf_flags+0x3b/0x50 kernel: bond0: (slave eni0np1): making interface the new active one kernel:? exc_page_fault+0x7b/0x180 kernel:? asm_exc_page_fault+0x22/0x30 kernel:? nsim_bpf_uninit+0x50/0x50 [netdevsim] kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel:? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim] kernel: bond0: (slave eni0np1): making interface the new active one kernel:bond_ipsec_offload_ok+0x7b/0x90 [bonding] kernel:xfrm_output+0x61/0x3b0 kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA kernel:ip_push_pending_frames+0x56/0x80 Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-44989 CVE - 2024-44989 https://errata.almalinux.org/8/ALSA-2024-8856.html https://errata.almalinux.org/8/ALSA-2024-8870.html

Rocky Linux: CVE-2024-6119: edk2 (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/03/2024 Created 10/03/2024 Added 10/02/2024 Modified 11/19/2024 Description Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain.So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Solution(s) rocky-upgrade-edk2-tools rocky-upgrade-edk2-tools-debuginfo rocky-upgrade-openssl rocky-upgrade-openssl-debuginfo rocky-upgrade-openssl-debugsource rocky-upgrade-openssl-devel rocky-upgrade-openssl-libs rocky-upgrade-openssl-libs-debuginfo rocky-upgrade-openssl-perl References https://attackerkb.com/topics/cve-2024-6119 CVE - 2024-6119 https://errata.rockylinux.org/RLSA-2024:6783 https://errata.rockylinux.org/RLSA-2024:8935

Gentoo Linux: CVE-2024-8381: Mozilla Firefox: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) gentoo-linux-upgrade-dev-lang-spidermonkey gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-8381 CVE - 2024-8381 202412-04 202412-06 202412-13

VMware Fusion: Vulnerability (VMSA-2024-0018) (CVE-2024-38811) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/03/2024 Created 09/07/2024 Added 09/06/2024 Modified 01/28/2025 Description VMware Fusion (13.x before 13.6) contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application. Solution(s) vmware-fusion-upgrade-13_6_0 References https://attackerkb.com/topics/cve-2024-38811 CVE - 2024-38811 http://www.vmware.com/security/advisories/VMSA-2024-0018.html

Gentoo Linux: CVE-2024-8386: Mozilla Firefox: Multiple Vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/03/2024 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) gentoo-linux-upgrade-dev-lang-spidermonkey gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-8386 CVE - 2024-8386 202412-04 202412-06 202412-13

Alpine Linux: CVE-2024-45310: Vulnerability in Multiple Components Severity 2 CVSS (AV:L/AC:M/Au:N/C:N/I:P/A:N) Published 09/03/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/02/2024 Description runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with `os.MkdirAll`. While this could be used to create empty files, existing files would not be truncated. An attacker must have the ability to start containers using some kind of custom volume configuration. Containers using user namespaces are still affected, but the scope of places an attacker can create inodes can be significantly reduced. Sufficiently strict LSM policies (SELinux/Apparmor) can also in principle block this attack -- we suspect the industry standard SELinux policy may restrict this attack's scope but the exact scope of protection hasn't been analysed. This is exploitable using runc directly as well as through Docker and Kubernetes. The issue is fixed in runc v1.1.14 and v1.2.0-rc3. Some workarounds are available. Using user namespaces restricts this attack fairly significantly such that the attacker can only create inodes in directories that the remapped root user/group has write access to. Unless the root user is remapped to an actual user on the host (such as with rootless containers that don't use `/etc/sub[ug]id`), this in practice means that an attacker would only be able to create inodes in world-writable directories. A strict enough SELinux or AppArmor policy could in principle also restrict the scope if a specific label is applied to the runc runtime, though neither the extent to which the standard existing policies block this attack nor what exact policies are needed to sufficiently restrict this attack have been thoroughly tested. Solution(s) alpine-linux-upgrade-runc References https://attackerkb.com/topics/cve-2024-45310 CVE - 2024-45310 https://security.alpinelinux.org/vuln/CVE-2024-45310

Debian: CVE-2024-6232: python3.11, python3.9 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/03/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Solution(s) debian-upgrade-python3-11 debian-upgrade-python3-9 References https://attackerkb.com/topics/cve-2024-6232 CVE - 2024-6232 DLA-3980-1

Debian: CVE-2024-6119: openssl -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/03/2024 Created 09/06/2024 Added 09/05/2024 Modified 09/05/2024 Description Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain.So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Solution(s) debian-upgrade-openssl References https://attackerkb.com/topics/cve-2024-6119 CVE - 2024-6119 DSA-5764-1

Gentoo Linux: CVE-2024-8389: Mozilla Firefox: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130. Solution(s) gentoo-linux-upgrade-dev-lang-spidermonkey gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-8389 CVE - 2024-8389 202412-04 202412-06 202412-13

Debian: CVE-2024-8384: firefox-esr, thunderbird -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/06/2024 Added 09/05/2024 Modified 01/28/2025 Description The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) debian-upgrade-firefox-esr debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-8384 CVE - 2024-8384 DLA-3869-1 DSA-5765-1

Debian: CVE-2024-8381: firefox-esr, thunderbird -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/06/2024 Added 09/05/2024 Modified 01/28/2025 Description A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) debian-upgrade-firefox-esr debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-8381 CVE - 2024-8381 DLA-3869-1 DSA-5765-1

Debian: CVE-2024-7970: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/07/2024 Added 09/06/2024 Modified 01/28/2025 Description Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-7970 CVE - 2024-7970 DSA-5766-1

Alpine Linux: CVE-2024-6119: Vulnerability in Multiple Components Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/03/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/01/2024 Description Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain.So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Solution(s) alpine-linux-upgrade-openssl References https://attackerkb.com/topics/cve-2024-6119 CVE - 2024-6119 https://security.alpinelinux.org/vuln/CVE-2024-6119

Rocky Linux: CVE-2024-8384: thunderbird (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/18/2024 Added 09/17/2024 Modified 01/28/2025 Description The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource References https://attackerkb.com/topics/cve-2024-8384 CVE - 2024-8384 https://errata.rockylinux.org/RLSA-2024:6681 https://errata.rockylinux.org/RLSA-2024:6682 https://errata.rockylinux.org/RLSA-2024:6683 https://errata.rockylinux.org/RLSA-2024:6684

Microsoft Edge Chromium: CVE-2024-7970 Out of bounds write in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/14/2024 Added 09/13/2024 Modified 01/28/2025 Description Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-7970 CVE - 2024-7970 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7970

Red Hat: CVE-2024-8383: mozilla: Firefox did not ask before openings news: links in an external application (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/03/2024 Created 09/18/2024 Added 09/18/2024 Modified 09/18/2024 Description Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 References CVE-2024-8383 RHSA-2024:6681 RHSA-2024:6682

Rocky Linux: CVE-2024-6232: python3.11 (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/03/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Solution(s) rocky-upgrade-cython-debugsource rocky-upgrade-numpy-debugsource rocky-upgrade-platform-python rocky-upgrade-platform-python-debug rocky-upgrade-platform-python-devel rocky-upgrade-python-cffi-debugsource rocky-upgrade-python-cryptography-debugsource rocky-upgrade-python-lxml-debugsource rocky-upgrade-python-psutil-debugsource rocky-upgrade-python-psycopg2-debugsource rocky-upgrade-python3 rocky-upgrade-python3-debug rocky-upgrade-python3-debuginfo rocky-upgrade-python3-debugsource rocky-upgrade-python3-devel rocky-upgrade-python3-idle rocky-upgrade-python3-libs rocky-upgrade-python3-test rocky-upgrade-python3-tkinter rocky-upgrade-python3.11 rocky-upgrade-python3.11-debug rocky-upgrade-python3.11-debuginfo rocky-upgrade-python3.11-debugsource rocky-upgrade-python3.11-devel rocky-upgrade-python3.11-idle rocky-upgrade-python3.11-libs rocky-upgrade-python3.11-test rocky-upgrade-python3.11-tkinter rocky-upgrade-python3.12 rocky-upgrade-python3.12-debug rocky-upgrade-python3.12-debuginfo rocky-upgrade-python3.12-debugsource rocky-upgrade-python3.12-devel rocky-upgrade-python3.12-idle rocky-upgrade-python3.12-libs rocky-upgrade-python3.12-test rocky-upgrade-python3.12-tkinter rocky-upgrade-python39 rocky-upgrade-python39-cffi rocky-upgrade-python39-cffi-debuginfo rocky-upgrade-python39-cryptography rocky-upgrade-python39-cryptography-debuginfo rocky-upgrade-python39-cython rocky-upgrade-python39-cython-debuginfo rocky-upgrade-python39-debug rocky-upgrade-python39-debuginfo rocky-upgrade-python39-debugsource rocky-upgrade-python39-devel rocky-upgrade-python39-idle rocky-upgrade-python39-libs rocky-upgrade-python39-lxml rocky-upgrade-python39-lxml-debuginfo rocky-upgrade-python39-mod_wsgi rocky-upgrade-python39-numpy rocky-upgrade-python39-numpy-debuginfo rocky-upgrade-python39-numpy-f2py rocky-upgrade-python39-psutil rocky-upgrade-python39-psutil-debuginfo rocky-upgrade-python39-psycopg2 rocky-upgrade-python39-psycopg2-debuginfo rocky-upgrade-python39-psycopg2-doc rocky-upgrade-python39-psycopg2-tests rocky-upgrade-python39-pybind11 rocky-upgrade-python39-pybind11-devel rocky-upgrade-python39-pyyaml rocky-upgrade-python39-pyyaml-debuginfo rocky-upgrade-python39-scipy rocky-upgrade-python39-scipy-debuginfo rocky-upgrade-python39-test rocky-upgrade-python39-tkinter rocky-upgrade-pyyaml-debugsource rocky-upgrade-scipy-debugsource References https://attackerkb.com/topics/cve-2024-6232 CVE - 2024-6232 https://errata.rockylinux.org/RLSA-2024:6975 https://errata.rockylinux.org/RLSA-2024:8359 https://errata.rockylinux.org/RLSA-2024:8374 https://errata.rockylinux.org/RLSA-2024:8446 https://errata.rockylinux.org/RLSA-2024:8447 https://errata.rockylinux.org/RLSA-2024:8836 https://errata.rockylinux.org/RLSA-2024:8838 View more

MFSA2024-44 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.15 (CVE-2024-8384) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/10/2024 Added 09/09/2024 Modified 02/14/2025 Description The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) mozilla-thunderbird-upgrade-115_15 References https://attackerkb.com/topics/cve-2024-8384 CVE - 2024-8384 http://www.mozilla.org/security/announce/2024/mfsa2024-44.html