ISHACK AI BOT

Amazon Linux AMI 2: CVE-2024-22374: Security patch for microcode_ctl (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 09/07/2024 Added 09/06/2024 Modified 10/11/2024 Description Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2024-22374 AL2/ALAS-2024-2631 AL2/ALAS-2024-2635 CVE - 2024-22374

Ubuntu: USN-6967-1 (CVE-2024-24980): Intel Microcode vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 08/20/2024 Added 08/20/2024 Modified 11/15/2024 Description Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-24980 CVE - 2024-24980 USN-6967-1

SUSE: CVE-2023-49141: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 08/20/2024 Added 08/19/2024 Modified 08/19/2024 Description Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) suse-upgrade-ucode-intel References https://attackerkb.com/topics/cve-2023-49141 CVE - 2023-49141

SUSE: CVE-2024-42353: SUSE Linux Security Advisory Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 08/14/2024 Created 08/20/2024 Added 08/20/2024 Modified 01/28/2025 Description WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. `urlparse` however treats a `//` at the start of a string as a URI without a scheme, and then treats the next part as the hostname. `urljoin` will then use that hostname from the second part as the hostname replacing the original one from the request. This vulnerability is patched in WebOb version 1.8.8. Solution(s) suse-upgrade-python-webob suse-upgrade-python311-webob References https://attackerkb.com/topics/cve-2024-42353 CVE - 2024-42353

F5 Networks: CVE-2024-39809: K000140111: BIG-IP Next Central Manager vulnerability CVE-2024-39809 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/14/2024 Created 08/27/2024 Added 08/23/2024 Modified 01/28/2025 Description The Central Manager user session refresh token does not expire when a user logs out. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-39809 CVE - 2024-39809 https://my.f5.com/manage/s/article/K000140111

Amazon Linux AMI 2: CVE-2024-7347: Security patch for nginx (ALASNGINX1-2024-007) Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:N/A:C) Published 08/14/2024 Created 09/06/2024 Added 09/05/2024 Modified 01/28/2025 Description NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) amazon-linux-ami-2-upgrade-nginx amazon-linux-ami-2-upgrade-nginx-all-modules amazon-linux-ami-2-upgrade-nginx-core amazon-linux-ami-2-upgrade-nginx-debuginfo amazon-linux-ami-2-upgrade-nginx-filesystem amazon-linux-ami-2-upgrade-nginx-mod-devel amazon-linux-ami-2-upgrade-nginx-mod-http-geoip amazon-linux-ami-2-upgrade-nginx-mod-http-image-filter amazon-linux-ami-2-upgrade-nginx-mod-http-perl amazon-linux-ami-2-upgrade-nginx-mod-http-xslt-filter amazon-linux-ami-2-upgrade-nginx-mod-mail amazon-linux-ami-2-upgrade-nginx-mod-stream References https://attackerkb.com/topics/cve-2024-7347 AL2/ALASNGINX1-2024-007 CVE - 2024-7347

F5 Networks: CVE-2024-41723: K10438187: BIG-IP iControl REST vulnerability CVE-2024-41723 Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 08/14/2024 Created 08/27/2024 Added 08/23/2024 Modified 01/28/2025 Description Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-41723 CVE - 2024-41723 https://my.f5.com/manage/s/article/K10438187

Debian: CVE-2024-24980: intel-microcode -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 09/03/2024 Added 09/02/2024 Modified 09/02/2024 Description Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) debian-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-24980 CVE - 2024-24980

VMware Photon OS: CVE-2024-42259 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/14/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cause page fault access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the difference between the end and start addresses. Additionally, the calculations have been rewritten in a clearer and more understandable form. [Joonas: Add Requires: tag] Requires: 60a2066c5005 ("drm/i915/gem: Adjust vma offset for framebuffer mmap offset") (cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-42259 CVE - 2024-42259

F5 Networks: CVE-2024-41164: K000138477: BIG-IP MPTCP vulnerability CVE-2024-41164 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/14/2024 Created 08/27/2024 Added 08/23/2024 Modified 01/28/2025 Description When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-41164 CVE - 2024-41164 https://my.f5.com/manage/s/article/K000138477

Ubuntu: USN-6967-1 (CVE-2024-24853): Intel Microcode vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 08/20/2024 Added 08/20/2024 Modified 11/15/2024 Description Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-24853 CVE - 2024-24853 USN-6967-1

Ubuntu: USN-6967-1 (CVE-2024-25939): Intel Microcode vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 08/20/2024 Added 08/20/2024 Modified 11/15/2024 Description Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-25939 CVE - 2024-25939 USN-6967-1

Ubuntu: USN-6967-1 (CVE-2023-42667): Intel Microcode vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 08/20/2024 Added 08/20/2024 Modified 11/15/2024 Description Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2023-42667 CVE - 2023-42667 USN-6967-1

Amazon Linux 2023: CVE-2024-7347: Medium priority package update for nginx Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:C) Published 08/14/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. A flaw was found in the ngx_http_mp4_module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service. Solution(s) amazon-linux-2023-upgrade-nginx amazon-linux-2023-upgrade-nginx-all-modules amazon-linux-2023-upgrade-nginx-core amazon-linux-2023-upgrade-nginx-core-debuginfo amazon-linux-2023-upgrade-nginx-debuginfo amazon-linux-2023-upgrade-nginx-debugsource amazon-linux-2023-upgrade-nginx-filesystem amazon-linux-2023-upgrade-nginx-mod-devel amazon-linux-2023-upgrade-nginx-mod-http-image-filter amazon-linux-2023-upgrade-nginx-mod-http-image-filter-debuginfo amazon-linux-2023-upgrade-nginx-mod-http-perl amazon-linux-2023-upgrade-nginx-mod-http-perl-debuginfo amazon-linux-2023-upgrade-nginx-mod-http-xslt-filter amazon-linux-2023-upgrade-nginx-mod-http-xslt-filter-debuginfo amazon-linux-2023-upgrade-nginx-mod-mail amazon-linux-2023-upgrade-nginx-mod-mail-debuginfo amazon-linux-2023-upgrade-nginx-mod-stream amazon-linux-2023-upgrade-nginx-mod-stream-debuginfo References https://attackerkb.com/topics/cve-2024-7347 CVE - 2024-7347 https://alas.aws.amazon.com/AL2023/ALAS-2024-707.html

Amazon Linux 2023: CVE-2024-22374: Medium priority package update for microcode_ctl (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/14/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access. Solution(s) amazon-linux-2023-upgrade-microcode-ctl References https://attackerkb.com/topics/cve-2024-22374 CVE - 2024-22374 https://alas.aws.amazon.com/AL2023/ALAS-2024-712.html https://alas.aws.amazon.com/AL2023/ALAS-2024-716.html

IBM WebSphere Application Server: CVE-2023-50315: Vulnerable to an information disclosure Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 08/14/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks.An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information.IBM X-Force ID:274714. Solution(s) ibm-was-install-8-5-0-0-ph58798 ibm-was-install-9-0-0-0-ph58798 ibm-was-upgrade-8-5-0-0-8-5-5-27 ibm-was-upgrade-9-0-0-0-9-0-5-21 References https://attackerkb.com/topics/cve-2023-50315 CVE - 2023-50315 https://exchange.xforce.ibmcloud.com/vulnerabilities/274714 https://www.ibm.com/support/pages/node/7165511

PAN-OS: Cleartext Exposure of External System Secrets Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 08/14/2024 Created 08/16/2024 Added 08/15/2024 Modified 01/28/2025 Description Deprecated Solution(s)

VMware Photon OS: CVE-2024-42353 Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/14/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. `urlparse` however treats a `//` at the start of a string as a URI without a scheme, and then treats the next part as the hostname. `urljoin` will then use that hostname from the second part as the hostname replacing the original one from the request. This vulnerability is patched in WebOb version 1.8.8. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-42353 CVE - 2024-42353

SUSE: CVE-2024-24980: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 08/20/2024 Added 08/19/2024 Modified 08/19/2024 Description Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) suse-upgrade-ucode-intel References https://attackerkb.com/topics/cve-2024-24980 CVE - 2024-24980

Amazon Linux AMI 2: CVE-2023-49141: Security patch for microcode_ctl (ALAS-2024-2635) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 09/20/2024 Added 09/19/2024 Modified 09/19/2024 Description Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2023-49141 AL2/ALAS-2024-2635 CVE - 2023-49141

IBM WebSphere Application Server: CVE-2023-50314: IBM WebSphere Application Server Liberty is vulnerable to information disclosure (CVE-2023-50314) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 08/14/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks.An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information.IBM X-Force ID:274713. Solution(s) ibm-was-install-8-5-ph58796-liberty ibm-was-upgrade-8-5-24-0-0-9-liberty References https://attackerkb.com/topics/cve-2023-50314 CVE - 2023-50314 https://exchange.xforce.ibmcloud.com/vulnerabilities/274713 https://www.ibm.com/support/pages/node/7165502

Alpine Linux: CVE-2023-42667: Vulnerability in Multiple Components Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 08/14/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/02/2024 Description Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) alpine-linux-upgrade-intel-ucode References https://attackerkb.com/topics/cve-2023-42667 CVE - 2023-42667 https://security.alpinelinux.org/vuln/CVE-2023-42667

Ubuntu: (Multiple Advisories) (CVE-2024-7347): nginx vulnerability Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:N/A:C) Published 08/14/2024 Created 09/18/2024 Added 09/17/2024 Modified 01/28/2025 Description NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) ubuntu-pro-upgrade-nginx ubuntu-pro-upgrade-nginx-common ubuntu-pro-upgrade-nginx-core ubuntu-pro-upgrade-nginx-extras ubuntu-pro-upgrade-nginx-full ubuntu-pro-upgrade-nginx-light References https://attackerkb.com/topics/cve-2024-7347 CVE - 2024-7347 USN-7014-1 USN-7014-2 USN-7014-3

SUSE: CVE-2023-42667: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/14/2024 Created 08/20/2024 Added 08/19/2024 Modified 08/19/2024 Description Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. Solution(s) suse-upgrade-ucode-intel References https://attackerkb.com/topics/cve-2023-42667 CVE - 2023-42667

F5 Networks: CVE-2024-41719: K000140006: BIG-IP Next Central Manager vulnerability CVE-2024-41719 Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 08/14/2024 Created 08/27/2024 Added 08/23/2024 Modified 01/28/2025 Description When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM),F5 iHealth credentials will be logged in the BIG-IP Central Manager logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-41719 CVE - 2024-41719 https://my.f5.com/manage/s/article/K000140006