ISHACK AI BOT

IBM AIX: python_advisory13 (CVE-2024-45491): Vulnerability in python affects AIX Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/30/2024 Created 11/07/2024 Added 11/06/2024 Modified 01/28/2025 Description An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Solution(s) ibm-aix-python_advisory13 References https://attackerkb.com/topics/cve-2024-45491 CVE - 2024-45491 https://aix.software.ibm.com/aix/efixes/security/python_advisory13.asc

FreeBSD: (Multiple Advisories) (CVE-2024-45491): qt6-webengine -- Multiple vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/30/2024 Created 10/01/2024 Added 09/29/2024 Modified 01/28/2025 Description An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Solution(s) freebsd-upgrade-package-expat freebsd-upgrade-package-qt5-webengine freebsd-upgrade-package-qt6-webengine References CVE-2024-45491

Amazon Linux AMI 2: CVE-2021-4442: Security patch for kernel (ALASKERNEL-5.4-2022-002) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/29/2024 Created 09/17/2024 Added 09/16/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data in the receive queue. mprotect(0x4aa000, 12288, PROT_READ)= 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0 connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 setsockopt(3, SOL_TCP, TCP_REPAIR_QUEUE, [1], 4) = 0 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="0x0000000000000003\0\0", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 20 setsockopt(3, SOL_TCP, TCP_REPAIR, [0], 4) = 0 setsockopt(3, SOL_TCP, TCP_QUEUE_SEQ, [128], 4) = 0 recvfrom(3, NULL, 20, 0, NULL, NULL)= -1 ECONNRESET (Connection reset by peer) syslog shows: [111.205099] TCP recvmsg seq # bug 2: copied 80, seq 0, rcvnxt 80, fl 0 [111.207894] WARNING: CPU: 1 PID: 356 at net/ipv4/tcp.c:2343 tcp_recvmsg_locked+0x90e/0x29a0 This should not be allowed. TCP_QUEUE_SEQ should only be used when queues are empty. This patch fixes this case, and the tx path as well. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2021-4442 AL2/ALASKERNEL-5.4-2022-002 CVE - 2021-4442

Ubuntu: (CVE-2024-8235): libvirt vulnerability Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/30/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon. Solution(s) ubuntu-upgrade-libvirt References https://attackerkb.com/topics/cve-2024-8235 CVE - 2024-8235 https://access.redhat.com/security/cve/CVE-2024-8235 https://bugzilla.redhat.com/show_bug.cgi?id=2308680 https://lists.libvirt.org/archives/list/[email protected]/thread/X6WOVCL6QF3FQRFIIXL736RFZVSUWLWJ/ https://www.cve.org/CVERecord?id=CVE-2024-8235

Oracle Linux: CVE-2024-8235: ELSA-2024-9128:libvirt security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/29/2024 Created 11/23/2024 Added 11/21/2024 Modified 12/12/2024 Description A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon. Solution(s) oracle-linux-upgrade-libvirt oracle-linux-upgrade-libvirt-client oracle-linux-upgrade-libvirt-client-qemu oracle-linux-upgrade-libvirt-daemon oracle-linux-upgrade-libvirt-daemon-common oracle-linux-upgrade-libvirt-daemon-config-network oracle-linux-upgrade-libvirt-daemon-config-nwfilter oracle-linux-upgrade-libvirt-daemon-driver-interface oracle-linux-upgrade-libvirt-daemon-driver-network oracle-linux-upgrade-libvirt-daemon-driver-nodedev oracle-linux-upgrade-libvirt-daemon-driver-nwfilter oracle-linux-upgrade-libvirt-daemon-driver-qemu oracle-linux-upgrade-libvirt-daemon-driver-secret oracle-linux-upgrade-libvirt-daemon-driver-storage oracle-linux-upgrade-libvirt-daemon-driver-storage-core oracle-linux-upgrade-libvirt-daemon-driver-storage-disk oracle-linux-upgrade-libvirt-daemon-driver-storage-iscsi oracle-linux-upgrade-libvirt-daemon-driver-storage-logical oracle-linux-upgrade-libvirt-daemon-driver-storage-mpath oracle-linux-upgrade-libvirt-daemon-driver-storage-rbd oracle-linux-upgrade-libvirt-daemon-driver-storage-scsi oracle-linux-upgrade-libvirt-daemon-kvm oracle-linux-upgrade-libvirt-daemon-lock oracle-linux-upgrade-libvirt-daemon-log oracle-linux-upgrade-libvirt-daemon-plugin-lockd oracle-linux-upgrade-libvirt-daemon-plugin-sanlock oracle-linux-upgrade-libvirt-daemon-proxy oracle-linux-upgrade-libvirt-devel oracle-linux-upgrade-libvirt-docs oracle-linux-upgrade-libvirt-libs oracle-linux-upgrade-libvirt-nss oracle-linux-upgrade-libvirt-ssh-proxy References https://attackerkb.com/topics/cve-2024-8235 CVE - 2024-8235 ELSA-2024-9128

SUSE: CVE-2024-8250: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 08/29/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file Solution(s) suse-upgrade-libwireshark15 suse-upgrade-libwireshark17 suse-upgrade-libwireshark9 suse-upgrade-libwiretap12 suse-upgrade-libwiretap14 suse-upgrade-libwiretap7 suse-upgrade-libwscodecs1 suse-upgrade-libwsutil13 suse-upgrade-libwsutil15 suse-upgrade-libwsutil8 suse-upgrade-wireshark suse-upgrade-wireshark-devel suse-upgrade-wireshark-gtk suse-upgrade-wireshark-ui-qt References https://attackerkb.com/topics/cve-2024-8250 CVE - 2024-8250

Progress WhatsUp Gold Vulnerability (CVE-2024-6672): SQL Injection Privilege Escalation Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/29/2024 Created 09/20/2024 Added 09/19/2024 Modified 09/20/2024 Description In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an authenticated low-privileged attacker to achieve privilege escalation by modifying a privileged user's password. Solution(s) progress-whatsup-gold-upgrade-latest References https://attackerkb.com/topics/cve-2024-6672 CVE - 2024-6672 https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024

Ubuntu: USN-7192-1 (CVE-2024-43700): xfpt vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2024 Created 01/11/2025 Added 01/10/2025 Modified 01/30/2025 Description xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment. Solution(s) ubuntu-upgrade-xfpt References https://attackerkb.com/topics/cve-2024-43700 CVE - 2024-43700 USN-7192-1

Progress WhatsUp Gold Vulnerability (CVE-2024-6670): SQL Injection Authentication Bypass Vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/29/2024 Created 09/18/2024 Added 09/17/2024 Modified 09/18/2024 Description In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. Solution(s) progress-whatsup-gold-upgrade-latest References https://attackerkb.com/topics/cve-2024-6670 CVE - 2024-6670 https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024

Debian: CVE-2024-43700: xfpt -- security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/30/2025 Description xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment. Solution(s) debian-upgrade-xfpt References https://attackerkb.com/topics/cve-2024-43700 CVE - 2024-43700 DLA-3977-1

Alpine Linux: CVE-2024-1545: Injection Severity 6 CVSS (AV:N/AC:H/Au:S/C:C/I:P/A:P) Published 08/29/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/14/2024 Description Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure. Solution(s) alpine-linux-upgrade-wolfssl References https://attackerkb.com/topics/cve-2024-1545 CVE - 2024-1545 https://security.alpinelinux.org/vuln/CVE-2024-1545

Ubuntu: (CVE-2021-4442): linux vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/29/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data in the receive queue. mprotect(0x4aa000, 12288, PROT_READ)= 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0 connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 setsockopt(3, SOL_TCP, TCP_REPAIR_QUEUE, [1], 4) = 0 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="0x0000000000000003\0\0", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 20 setsockopt(3, SOL_TCP, TCP_REPAIR, [0], 4) = 0 setsockopt(3, SOL_TCP, TCP_QUEUE_SEQ, [128], 4) = 0 recvfrom(3, NULL, 20, 0, NULL, NULL)= -1 ECONNRESET (Connection reset by peer) syslog shows: [111.205099] TCP recvmsg seq # bug 2: copied 80, seq 0, rcvnxt 80, fl 0 [111.207894] WARNING: CPU: 1 PID: 356 at net/ipv4/tcp.c:2343 tcp_recvmsg_locked+0x90e/0x29a0 This should not be allowed. TCP_QUEUE_SEQ should only be used when queues are empty. This patch fixes this case, and the tx path as well. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-aws-hwe ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-4-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-4-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4 References https://attackerkb.com/topics/cve-2021-4442 CVE - 2021-4442 https://git.kernel.org/linus/8811f4a9836e31c14ecdf79d9f3cb7c5d463265d https://git.kernel.org/stable/c/046f3c1c2ff450fb7ae53650e9a95e0074a61f3e https://git.kernel.org/stable/c/319f460237fc2965a80aa9a055044e1da7b3692a https://git.kernel.org/stable/c/3b72d5a703842f582502d97906f17d6ee122dac2 https://git.kernel.org/stable/c/3bf899438c123c444f6b644a57784dfbb6b15ad6 https://git.kernel.org/stable/c/8811f4a9836e31c14ecdf79d9f3cb7c5d463265d https://www.cve.org/CVERecord?id=CVE-2021-4442 View more

Google Chrome Vulnerability: CVE-2024-8194 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2024 Created 08/30/2024 Added 08/29/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-8194 CVE - 2024-8194

Amazon Linux 2023: CVE-2024-8250: Medium priority package update for wireshark Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 08/29/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file A flaw was found in wireshark. Affected versions of wireshark allow denial of service via packet injection or crafted capture file. It may be possible to cause Wireshark to crash by injecting a malformed packet onto the wire or convincing someone to read a malformed packet trace file. Solution(s) amazon-linux-2023-upgrade-wireshark-cli amazon-linux-2023-upgrade-wireshark-cli-debuginfo amazon-linux-2023-upgrade-wireshark-debugsource amazon-linux-2023-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2024-8250 CVE - 2024-8250 https://alas.aws.amazon.com/AL2023/ALAS-2025-837.html

Debian: CVE-2021-4442: linux -- security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/29/2024 Created 09/03/2024 Added 09/02/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data in the receive queue. mprotect(0x4aa000, 12288, PROT_READ)= 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0 connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0 setsockopt(3, SOL_TCP, TCP_REPAIR_QUEUE, [1], 4) = 0 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="0x0000000000000003\0\0", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 20 setsockopt(3, SOL_TCP, TCP_REPAIR, [0], 4) = 0 setsockopt(3, SOL_TCP, TCP_QUEUE_SEQ, [128], 4) = 0 recvfrom(3, NULL, 20, 0, NULL, NULL)= -1 ECONNRESET (Connection reset by peer) syslog shows: [111.205099] TCP recvmsg seq # bug 2: copied 80, seq 0, rcvnxt 80, fl 0 [111.207894] WARNING: CPU: 1 PID: 356 at net/ipv4/tcp.c:2343 tcp_recvmsg_locked+0x90e/0x29a0 This should not be allowed. TCP_QUEUE_SEQ should only be used when queues are empty. This patch fixes this case, and the tx path as well. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2021-4442 CVE - 2021-4442

Google Chrome Vulnerability: CVE-2024-8198 Heap buffer overflow in Skia Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2024 Created 08/30/2024 Added 08/29/2024 Modified 01/28/2025 Description Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-8198 CVE - 2024-8198

Google Chrome Vulnerability: CVE-2024-8193 Heap buffer overflow in Skia Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/29/2024 Created 08/30/2024 Added 08/29/2024 Modified 01/28/2025 Description Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-8193 CVE - 2024-8193

Debian: CVE-2024-8193: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/28/2024 Created 09/03/2024 Added 09/02/2024 Modified 01/28/2025 Description Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-8193 CVE - 2024-8193 DSA-5761-1

FreeBSD: (Multiple Advisories) (CVE-2024-8193): electron31 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/28/2024 Created 08/31/2024 Added 08/29/2024 Modified 01/28/2025 Description Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron31 freebsd-upgrade-package-ungoogled-chromium References CVE-2024-8193

FreeBSD: VID-6F2545BB-65E8-11EF-8A0F-A8A1599412C6 (CVE-2024-8194): chromium -- multiple security fixes Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/28/2024 Created 08/31/2024 Added 08/29/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2024-8194

Microsoft Edge Chromium: CVE-2024-8198 Heap buffer overflow in Skia Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/28/2024 Created 09/14/2024 Added 09/13/2024 Modified 01/28/2025 Description Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-8198 CVE - 2024-8198 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8198

Microsoft Edge Chromium: CVE-2024-8194 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/28/2024 Created 09/14/2024 Added 09/13/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-8194 CVE - 2024-8194 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-8194

Alpine Linux: CVE-2024-8198: Out-of-bounds Write Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 08/28/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/14/2024 Description Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) alpine-linux-upgrade-qt5-qtwebengine References https://attackerkb.com/topics/cve-2024-8198 CVE - 2024-8198 https://security.alpinelinux.org/vuln/CVE-2024-8198

Huawei EulerOS: CVE-2024-45491: xmlrpc-c security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/30/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Solution(s) huawei-euleros-2_0_sp9-upgrade-xmlrpc-c-help References https://attackerkb.com/topics/cve-2024-45491 CVE - 2024-45491 EulerOS-SA-2025-1067

VMware Photon OS: CVE-2024-45490 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/30/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-45490 CVE - 2024-45490