ISHACK AI BOT

Red Hat: CVE-2024-8382: mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/18/2024 Added 09/18/2024 Modified 09/18/2024 Description Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2024-8382 RHSA-2024:6681 RHSA-2024:6682 RHSA-2024:6683 RHSA-2024:6684 RHSA-2024:6719 RHSA-2024:6720 View more

Amazon Linux AMI 2: CVE-2024-8381: Security patch for firefox, thunderbird (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/20/2024 Added 09/19/2024 Modified 01/28/2025 Description A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2024-8381 AL2/ALAS-2024-2638 AL2/ALASFIREFOX-2024-029 CVE - 2024-8381

Rocky Linux: CVE-2024-8383: firefox (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/03/2024 Created 09/18/2024 Added 09/17/2024 Modified 01/30/2025 Description Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. Solution(s) rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 References https://attackerkb.com/topics/cve-2024-8383 CVE - 2024-8383 https://errata.rockylinux.org/RLSA-2024:6681 https://errata.rockylinux.org/RLSA-2024:6682

Gentoo Linux: CVE-2024-8383: Mozilla Firefox: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/03/2024 Created 12/10/2024 Added 12/09/2024 Modified 01/30/2025 Description Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. Solution(s) gentoo-linux-upgrade-dev-lang-spidermonkey gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-8383 CVE - 2024-8383 202412-04 202412-06 202412-13

Gentoo Linux: CVE-2024-8385: Mozilla Firefox: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) gentoo-linux-upgrade-dev-lang-spidermonkey gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-8385 CVE - 2024-8385 202412-04 202412-06 202412-13

Huawei EulerOS: CVE-2024-45310: docker-runc security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/03/2024 Created 11/12/2024 Added 11/11/2024 Modified 11/11/2024 Description runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with `os.MkdirAll`. While this could be used to create empty files, existing files would not be truncated. An attacker must have the ability to start containers using some kind of custom volume configuration. Containers using user namespaces are still affected, but the scope of places an attacker can create inodes can be significantly reduced. Sufficiently strict LSM policies (SELinux/Apparmor) can also in principle block this attack -- we suspect the industry standard SELinux policy may restrict this attack's scope but the exact scope of protection hasn't been analysed. This is exploitable using runc directly as well as through Docker and Kubernetes. The issue is fixed in runc v1.1.14 and v1.2.0-rc3. Some workarounds are available. Using user namespaces restricts this attack fairly significantly such that the attacker can only create inodes in directories that the remapped root user/group has write access to. Unless the root user is remapped to an actual user on the host (such as with rootless containers that don't use `/etc/sub[ug]id`), this in practice means that an attacker would only be able to create inodes in world-writable directories. A strict enough SELinux or AppArmor policy could in principle also restrict the scope if a specific label is applied to the runc runtime, though neither the extent to which the standard existing policies block this attack nor what exact policies are needed to sufficiently restrict this attack have been thoroughly tested. Solution(s) huawei-euleros-2_0_sp9-upgrade-docker-runc References https://attackerkb.com/topics/cve-2024-45310 CVE - 2024-45310 EulerOS-SA-2024-2826

Red Hat: CVE-2024-6232: python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/03/2024 Created 09/25/2024 Added 09/24/2024 Modified 11/13/2024 Description There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Solution(s) redhat-upgrade-cython-debugsource redhat-upgrade-numpy-debugsource redhat-upgrade-platform-python redhat-upgrade-platform-python-debug redhat-upgrade-platform-python-devel redhat-upgrade-python-cffi-debugsource redhat-upgrade-python-cryptography-debugsource redhat-upgrade-python-lxml-debugsource redhat-upgrade-python-psutil-debugsource redhat-upgrade-python-psycopg2-debugsource redhat-upgrade-python-unversioned-command redhat-upgrade-python3 redhat-upgrade-python3-11 redhat-upgrade-python3-11-debug redhat-upgrade-python3-11-debuginfo redhat-upgrade-python3-11-debugsource redhat-upgrade-python3-11-devel redhat-upgrade-python3-11-idle redhat-upgrade-python3-11-libs redhat-upgrade-python3-11-rpm-macros redhat-upgrade-python3-11-test redhat-upgrade-python3-11-tkinter redhat-upgrade-python3-12 redhat-upgrade-python3-12-debug redhat-upgrade-python3-12-debuginfo redhat-upgrade-python3-12-debugsource redhat-upgrade-python3-12-devel redhat-upgrade-python3-12-idle redhat-upgrade-python3-12-libs redhat-upgrade-python3-12-rpm-macros redhat-upgrade-python3-12-test redhat-upgrade-python3-12-tkinter redhat-upgrade-python3-9-debuginfo redhat-upgrade-python3-9-debugsource redhat-upgrade-python3-debug redhat-upgrade-python3-debuginfo redhat-upgrade-python3-debugsource redhat-upgrade-python3-devel redhat-upgrade-python3-idle redhat-upgrade-python3-libs redhat-upgrade-python3-test redhat-upgrade-python3-tkinter redhat-upgrade-python39 redhat-upgrade-python39-attrs redhat-upgrade-python39-cffi redhat-upgrade-python39-cffi-debuginfo redhat-upgrade-python39-chardet redhat-upgrade-python39-cryptography redhat-upgrade-python39-cryptography-debuginfo redhat-upgrade-python39-cython redhat-upgrade-python39-cython-debuginfo redhat-upgrade-python39-debug redhat-upgrade-python39-debuginfo redhat-upgrade-python39-debugsource redhat-upgrade-python39-devel redhat-upgrade-python39-idle redhat-upgrade-python39-idna redhat-upgrade-python39-iniconfig redhat-upgrade-python39-libs redhat-upgrade-python39-lxml redhat-upgrade-python39-lxml-debuginfo redhat-upgrade-python39-mod_wsgi redhat-upgrade-python39-more-itertools redhat-upgrade-python39-numpy redhat-upgrade-python39-numpy-debuginfo redhat-upgrade-python39-numpy-doc redhat-upgrade-python39-numpy-f2py redhat-upgrade-python39-packaging redhat-upgrade-python39-pip redhat-upgrade-python39-pip-wheel redhat-upgrade-python39-pluggy redhat-upgrade-python39-ply redhat-upgrade-python39-psutil redhat-upgrade-python39-psutil-debuginfo redhat-upgrade-python39-psycopg2 redhat-upgrade-python39-psycopg2-debuginfo redhat-upgrade-python39-psycopg2-doc redhat-upgrade-python39-psycopg2-tests redhat-upgrade-python39-py redhat-upgrade-python39-pybind11 redhat-upgrade-python39-pybind11-devel redhat-upgrade-python39-pycparser redhat-upgrade-python39-pymysql redhat-upgrade-python39-pyparsing redhat-upgrade-python39-pysocks redhat-upgrade-python39-pytest redhat-upgrade-python39-pyyaml redhat-upgrade-python39-pyyaml-debuginfo redhat-upgrade-python39-requests redhat-upgrade-python39-rpm-macros redhat-upgrade-python39-scipy redhat-upgrade-python39-scipy-debuginfo redhat-upgrade-python39-setuptools redhat-upgrade-python39-setuptools-wheel redhat-upgrade-python39-six redhat-upgrade-python39-test redhat-upgrade-python39-tkinter redhat-upgrade-python39-toml redhat-upgrade-python39-urllib3 redhat-upgrade-python39-wcwidth redhat-upgrade-python39-wheel redhat-upgrade-python39-wheel-wheel redhat-upgrade-pyyaml-debugsource redhat-upgrade-scipy-debugsource References CVE-2024-6232 RHSA-2024:6909 RHSA-2024:6975 RHSA-2024:7415 RHSA-2024:7647 RHSA-2024:8359 RHSA-2024:8374 RHSA-2024:8446 RHSA-2024:8447 RHSA-2024:8504 RHSA-2024:8836 RHSA-2024:8838 RHSA-2024:9450 RHSA-2024:9451 RHSA-2024:9468 View more

MFSA2024-44 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.15 (CVE-2024-8382) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/10/2024 Added 09/09/2024 Modified 02/14/2025 Description Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) mozilla-thunderbird-upgrade-115_15 References https://attackerkb.com/topics/cve-2024-8382 CVE - 2024-8382 http://www.mozilla.org/security/announce/2024/mfsa2024-44.html

MFSA2024-43 Thunderbird: Security Vulnerabilities fixed in Thunderbird 128.2 (CVE-2024-8386) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/03/2024 Created 09/10/2024 Added 09/09/2024 Modified 01/28/2025 Description If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) mozilla-thunderbird-upgrade-128_2 References https://attackerkb.com/topics/cve-2024-8386 CVE - 2024-8386 http://www.mozilla.org/security/announce/2024/mfsa2024-43.html

Ubuntu: (Multiple Advisories) (CVE-2024-6232): Python vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/03/2024 Created 09/18/2024 Added 09/17/2024 Modified 01/28/2025 Description There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Solution(s) ubuntu-pro-upgrade-python2-7 ubuntu-pro-upgrade-python2-7-minimal ubuntu-pro-upgrade-python3-10 ubuntu-pro-upgrade-python3-10-minimal ubuntu-pro-upgrade-python3-12 ubuntu-pro-upgrade-python3-12-minimal ubuntu-pro-upgrade-python3-5 ubuntu-pro-upgrade-python3-5-minimal ubuntu-pro-upgrade-python3-8 ubuntu-pro-upgrade-python3-8-minimal References https://attackerkb.com/topics/cve-2024-6232 CVE - 2024-6232 USN-7015-1 USN-7015-2 USN-7015-3 USN-7015-4 USN-7015-5 USN-7015-6 View more

Red Hat: CVE-2024-8384: mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/18/2024 Added 09/18/2024 Modified 09/18/2024 Description The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2024-8384 RHSA-2024:6681 RHSA-2024:6682 RHSA-2024:6683 RHSA-2024:6684 RHSA-2024:6719 RHSA-2024:6720 View more

Red Hat: CVE-2024-8386: mozilla: SelectElements could be shown over another site if popups are allowed (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 09/03/2024 Created 09/18/2024 Added 09/18/2024 Modified 09/18/2024 Description If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2024-8386 RHSA-2024:6681 RHSA-2024:6682 RHSA-2024:6683 RHSA-2024:6684 RHSA-2024:6719 RHSA-2024:6720 View more

Alma Linux: CVE-2024-6232: Moderate: python3.12 security update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/03/2024 Created 09/27/2024 Added 09/26/2024 Modified 02/13/2025 Description There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Solution(s) alma-upgrade-platform-python alma-upgrade-platform-python-debug alma-upgrade-platform-python-devel alma-upgrade-python-unversioned-command alma-upgrade-python3 alma-upgrade-python3-debug alma-upgrade-python3-devel alma-upgrade-python3-idle alma-upgrade-python3-libs alma-upgrade-python3-test alma-upgrade-python3-tkinter alma-upgrade-python3.11 alma-upgrade-python3.11-debug alma-upgrade-python3.11-devel alma-upgrade-python3.11-idle alma-upgrade-python3.11-libs alma-upgrade-python3.11-rpm-macros alma-upgrade-python3.11-test alma-upgrade-python3.11-tkinter alma-upgrade-python3.12 alma-upgrade-python3.12-debug alma-upgrade-python3.12-devel alma-upgrade-python3.12-idle alma-upgrade-python3.12-libs alma-upgrade-python3.12-rpm-macros alma-upgrade-python3.12-test alma-upgrade-python3.12-tkinter alma-upgrade-python39 alma-upgrade-python39-attrs alma-upgrade-python39-cffi alma-upgrade-python39-chardet alma-upgrade-python39-cryptography alma-upgrade-python39-cython alma-upgrade-python39-debug alma-upgrade-python39-devel alma-upgrade-python39-idle alma-upgrade-python39-idna alma-upgrade-python39-iniconfig alma-upgrade-python39-libs alma-upgrade-python39-lxml alma-upgrade-python39-mod_wsgi alma-upgrade-python39-more-itertools alma-upgrade-python39-numpy alma-upgrade-python39-numpy-doc alma-upgrade-python39-numpy-f2py alma-upgrade-python39-packaging alma-upgrade-python39-pip alma-upgrade-python39-pip-wheel alma-upgrade-python39-pluggy alma-upgrade-python39-ply alma-upgrade-python39-psutil alma-upgrade-python39-psycopg2 alma-upgrade-python39-psycopg2-doc alma-upgrade-python39-psycopg2-tests alma-upgrade-python39-py alma-upgrade-python39-pybind11 alma-upgrade-python39-pybind11-devel alma-upgrade-python39-pycparser alma-upgrade-python39-pymysql alma-upgrade-python39-pyparsing alma-upgrade-python39-pysocks alma-upgrade-python39-pytest alma-upgrade-python39-pyyaml alma-upgrade-python39-requests alma-upgrade-python39-rpm-macros alma-upgrade-python39-scipy alma-upgrade-python39-setuptools alma-upgrade-python39-setuptools-wheel alma-upgrade-python39-six alma-upgrade-python39-test alma-upgrade-python39-tkinter alma-upgrade-python39-toml alma-upgrade-python39-urllib3 alma-upgrade-python39-wcwidth alma-upgrade-python39-wheel alma-upgrade-python39-wheel-wheel References https://attackerkb.com/topics/cve-2024-6232 CVE - 2024-6232 https://errata.almalinux.org/8/ALSA-2024-6975.html https://errata.almalinux.org/8/ALSA-2024-8359.html https://errata.almalinux.org/8/ALSA-2024-8836.html https://errata.almalinux.org/8/ALSA-2024-8838.html https://errata.almalinux.org/9/ALSA-2024-8374.html https://errata.almalinux.org/9/ALSA-2024-8446.html https://errata.almalinux.org/9/ALSA-2024-8447.html https://errata.almalinux.org/9/ALSA-2024-9450.html https://errata.almalinux.org/9/ALSA-2024-9451.html https://errata.almalinux.org/9/ALSA-2024-9468.html View more

Red Hat OpenShift: CVE-2024-6119: openssl: Possible denial of service in X.509 name checks Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/03/2024 Created 10/10/2024 Added 10/10/2024 Modified 12/17/2024 Description Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain.So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Solution(s) linuxrpm-upgrade-rhcos References https://attackerkb.com/topics/cve-2024-6119 CVE - 2024-6119 RHSA-2024:10135 RHSA-2024:10818 RHSA-2024:11109 RHSA-2024:6783 RHSA-2024:7213 RHSA-2024:7599 RHSA-2024:8935 View more

Huawei EulerOS: CVE-2024-6232: python3 security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/03/2024 Created 12/13/2024 Added 12/12/2024 Modified 01/28/2025 Description There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Solution(s) huawei-euleros-2_0_sp12-upgrade-python3 huawei-euleros-2_0_sp12-upgrade-python3-fgo huawei-euleros-2_0_sp12-upgrade-python3-unversioned-command References https://attackerkb.com/topics/cve-2024-6232 CVE - 2024-6232 EulerOS-SA-2024-2957

SUSE: CVE-2024-8386: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/03/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-8386 CVE - 2024-8386

SUSE: CVE-2024-8362: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-8362 CVE - 2024-8362

Debian: CVE-2024-45618: opensc -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/03/2024 Created 12/31/2024 Added 12/30/2024 Modified 12/30/2024 Description A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized. Solution(s) debian-upgrade-opensc References https://attackerkb.com/topics/cve-2024-45618 CVE - 2024-45618 DLA-4004-1

VMware Photon OS: CVE-2024-45310 Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:P/A:N) Published 09/03/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with `os.MkdirAll`. While this could be used to create empty files, existing files would not be truncated. An attacker must have the ability to start containers using some kind of custom volume configuration. Containers using user namespaces are still affected, but the scope of places an attacker can create inodes can be significantly reduced. Sufficiently strict LSM policies (SELinux/Apparmor) can also in principle block this attack -- we suspect the industry standard SELinux policy may restrict this attack's scope but the exact scope of protection hasn't been analysed. This is exploitable using runc directly as well as through Docker and Kubernetes. The issue is fixed in runc v1.1.14 and v1.2.0-rc3. Some workarounds are available. Using user namespaces restricts this attack fairly significantly such that the attacker can only create inodes in directories that the remapped root user/group has write access to. Unless the root user is remapped to an actual user on the host (such as with rootless containers that don't use `/etc/sub[ug]id`), this in practice means that an attacker would only be able to create inodes in world-writable directories. A strict enough SELinux or AppArmor policy could in principle also restrict the scope if a specific label is applied to the runc runtime, though neither the extent to which the standard existing policies block this attack nor what exact policies are needed to sufficiently restrict this attack have been thoroughly tested. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-45310 CVE - 2024-45310

SUSE: CVE-2024-7970: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-7970 CVE - 2024-7970

Amazon Linux AMI 2: CVE-2024-45620: Security patch for opensc (ALAS-2024-2709) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/03/2024 Created 12/21/2024 Added 12/20/2024 Modified 12/20/2024 Description A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. Solution(s) amazon-linux-ami-2-upgrade-opensc amazon-linux-ami-2-upgrade-opensc-debuginfo References https://attackerkb.com/topics/cve-2024-45620 AL2/ALAS-2024-2709 CVE - 2024-45620

FreeBSD: VID-A3A1CAF5-6BA1-11EF-B9E8-B42E991FC52E (CVE-2024-8387): firefox -- multiple vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/10/2024 Added 09/06/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) freebsd-upgrade-package-firefox References CVE-2024-8387

Ubuntu: (Multiple Advisories) (CVE-2024-8382): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/03/2024 Created 09/07/2024 Added 09/06/2024 Modified 01/28/2025 Description Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-8382 CVE - 2024-8382 USN-6992-1 USN-6992-2 USN-6995-1

FreeBSD: VID-A3A1CAF5-6BA1-11EF-B9E8-B42E991FC52E (CVE-2024-8386): firefox -- multiple vulnerabilities Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 09/03/2024 Created 09/10/2024 Added 09/06/2024 Modified 01/28/2025 Description If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Solution(s) freebsd-upgrade-package-firefox References CVE-2024-8386

F5 Networks: CVE-2024-6232: K000148252: Python tarfile vulnerability CVE-2024-6232 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/03/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-6232 CVE - 2024-6232 https://my.f5.com/manage/s/article/K000148252