All posts by ISHACK AI BOT
-
VMware Photon OS: CVE-2024-42258
VMware Photon OS: CVE-2024-42258 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 08/12/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. It is because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT. !CONFIG_64BIT should cover all 32 bit machines. [1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/ Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-42258 CVE - 2024-42258
-
Debian: CVE-2024-43168: unbound -- security update
Debian: CVE-2024-43168: unbound -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/12/2024 Created 10/01/2024 Added 09/30/2024 Modified 10/24/2024 Description DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system. Solution(s) debian-upgrade-unbound References https://attackerkb.com/topics/cve-2024-43168 CVE - 2024-43168 DLA-3903-1
-
Debian: CVE-2023-31315: amd64-microcode -- security update
Debian: CVE-2023-31315: amd64-microcode -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/12/2024 Created 09/03/2024 Added 09/02/2024 Modified 09/02/2024 Description Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. Solution(s) debian-upgrade-amd64-microcode References https://attackerkb.com/topics/cve-2023-31315 CVE - 2023-31315
-
Debian: CVE-2024-22123: zabbix -- security update
Debian: CVE-2024-22123: zabbix -- security update Severity 3 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:N) Published 08/12/2024 Created 10/08/2024 Added 10/07/2024 Modified 01/28/2025 Description Setting SMS media allows setting the GSM modem file. Later this file is used as a Linux device. But because everything is a file on Linux, it is possible to set another file, e.g. a log file, and zabbix_server will try to communicate with it as a modem. As a result, the log file will be broken with AT commands and a small part of the log file content will be leaked to the UI. Solution(s) debian-upgrade-zabbix References https://attackerkb.com/topics/cve-2024-22123 CVE - 2024-22123 DLA-3909-1
-
Addressed XSS vulnerability in zimbraAdmin interface due to non sanitised parameter
Addressed XSS vulnerability in zimbraAdmin interface due to non sanitised parameter Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 08/12/2024 Created 01/16/2025 Added 01/10/2025 Modified 01/20/2025 Description An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2. A reflected cross-site scripting (XSS) vulnerability has been identified in the Zimbra webmail admin interface. This vulnerability occurs due to inadequate input validation of the packages parameter, allowing an authenticated attacker to inject and execute arbitrary JavaScript code within the context of another user's browser session. By uploading a malicious JavaScript file and crafting a URL containing its location in the packages parameter, the attacker can exploit this vulnerability. Subsequently, when another user visits the crafted URL, the malicious JavaScript code is executed. Solution(s) zimbra-collaboration-upgrade-latest References https://attackerkb.com/topics/cve-2024-33533 CVE - 2024-33533 https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.8#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P40#Security_Fixes
-
An XSS vulnerability in a Calendar invite has been resolved
An XSS vulnerability in a Calendar invite has been resolved Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/12/2024 Created 01/16/2025 Added 01/10/2025 Modified 01/20/2025 Description An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar header with an embedded XSS payload. When a victim views this message in the Zimbra webmail classic interface, the payload is executed in the context of the victim's session, potentially leading to execution of arbitrary JavaScript code. Solution(s) zimbra-collaboration-upgrade-latest References https://attackerkb.com/topics/cve-2024-27443 CVE - 2024-27443 https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes
-
Debian: CVE-2024-22116: zabbix -- security update
Debian: CVE-2024-22116: zabbix -- security update Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 08/12/2024 Created 10/08/2024 Added 10/07/2024 Modified 01/28/2025 Description An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user to execute arbitrary code via the Ping script, thereby compromising infrastructure. Solution(s) debian-upgrade-zabbix References https://attackerkb.com/topics/cve-2024-22116 CVE - 2024-22116 DLA-3909-1
-
Debian: CVE-2024-22114: zabbix -- security update
Debian: CVE-2024-22114: zabbix -- security update Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 08/12/2024 Created 10/08/2024 Added 10/07/2024 Modified 01/28/2025 Description User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard. Solution(s) debian-upgrade-zabbix References https://attackerkb.com/topics/cve-2024-22114 CVE - 2024-22114 DLA-3909-1
-
Debian: CVE-2024-43167: unbound -- security update
Debian: CVE-2024-43167: unbound -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/12/2024 Created 10/01/2024 Added 09/30/2024 Modified 10/24/2024 Description DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly. Solution(s) debian-upgrade-unbound References https://attackerkb.com/topics/cve-2024-43167 CVE - 2024-43167 DLA-3903-1
-
Huawei EulerOS: CVE-2024-43167: unbound security update
Huawei EulerOS: CVE-2024-43167: unbound security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/12/2024 Created 01/14/2025 Added 01/13/2025 Modified 02/11/2025 Description DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly. Solution(s) huawei-euleros-2_0_sp12-upgrade-python3-unbound huawei-euleros-2_0_sp12-upgrade-unbound huawei-euleros-2_0_sp12-upgrade-unbound-libs References https://attackerkb.com/topics/cve-2024-43167 CVE - 2024-43167 EulerOS-SA-2025-1199
-
Oracle Linux: CVE-2023-31315: ELSA-2024-12579: linux-firmware security update (MODERATE) (Multiple Advisories)
Oracle Linux: CVE-2023-31315: ELSA-2024-12579: linux-firmware security update (MODERATE) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:M/C:C/I:C/A:C) Published 08/09/2024 Created 08/20/2024 Added 08/16/2024 Modified 12/18/2024 Description Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. A flaw was found in hw. Improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify the SMM configuration while the SMI lock is enabled. This issue can lead to arbitrary code execution. Solution(s) oracle-linux-upgrade-iwl1000-firmware oracle-linux-upgrade-iwl100-firmware oracle-linux-upgrade-iwl105-firmware oracle-linux-upgrade-iwl135-firmware oracle-linux-upgrade-iwl2000-firmware oracle-linux-upgrade-iwl2030-firmware oracle-linux-upgrade-iwl3160-firmware oracle-linux-upgrade-iwl3945-firmware oracle-linux-upgrade-iwl4965-firmware oracle-linux-upgrade-iwl5000-firmware oracle-linux-upgrade-iwl5150-firmware oracle-linux-upgrade-iwl6000-firmware oracle-linux-upgrade-iwl6000g2a-firmware oracle-linux-upgrade-iwl6000g2b-firmware oracle-linux-upgrade-iwl6050-firmware oracle-linux-upgrade-iwl7260-firmware oracle-linux-upgrade-iwlax2xx-firmware oracle-linux-upgrade-libertas-sd8686-firmware oracle-linux-upgrade-libertas-sd8787-firmware oracle-linux-upgrade-libertas-usb8388-firmware oracle-linux-upgrade-libertas-usb8388-olpc-firmware oracle-linux-upgrade-linux-firmware oracle-linux-upgrade-linux-firmware-core oracle-linux-upgrade-linux-firmware-whence oracle-linux-upgrade-liquidio-firmware oracle-linux-upgrade-netronome-firmware References https://attackerkb.com/topics/cve-2023-31315 CVE - 2023-31315 ELSA-2024-12579 ELSA-2024-12578 ELSA-2024-12580
-
Microsoft Edge Chromium: CVE-2024-38218
Microsoft Edge Chromium: CVE-2024-38218 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/09/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/28/2025 Description Microsoft Edge (HTML-based) Memory Corruption Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-38218 CVE - 2024-38218 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38218
-
PostgreSQL: CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL
PostgreSQL: CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL Severity 9 CVSS (AV:N/AC:M/Au:S/C:C/I:C/A:C) Published 08/09/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/28/2025 Description Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. Solution(s) postgres-upgrade-13_16 postgres-upgrade-14_13 postgres-upgrade-15_8 postgres-upgrade-16_4 References https://attackerkb.com/topics/cve-2024-7348 CVE - 2024-7348
-
Debian: CVE-2024-42253: linux, linux-6.1 -- security update
Debian: CVE-2024-42253: linux, linux-6.1 -- security update Severity 4 CVSS (AV:L/AC:M/Au:S/C:N/I:N/A:C) Published 08/08/2024 Created 09/03/2024 Added 09/02/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca953x_irq_bus_sync_unlock() in order to avoid races. The other (non-probe) call site pca953x_gpio_set_multiple() ensures the lock is held before calling pca953x_write_regs(). The problem occurred when a request raced against irq_bus_sync_unlock() approximately once per thousand reboots on an i.MX8MP based system. * Normal case 0-0022: write register AI|3a {03,02,00,00,01} Input latch P0 0-0022: write register AI|49 {fc,fd,ff,ff,fe} Interrupt mask P0 0-0022: write register AI|08 {ff,00,00,00,00} Output P3 0-0022: write register AI|12 {fc,00,00,00,00} Config P3 * Race case 0-0022: write register AI|08 {ff,00,00,00,00} Output P3 0-0022: write register AI|08 {03,02,00,00,01} *** Wrong register *** 0-0022: write register AI|12 {fc,00,00,00,00} Config P3 0-0022: write register AI|49 {fc,fd,ff,ff,fe} Interrupt mask P0 Solution(s) debian-upgrade-linux debian-upgrade-linux-6-1 References https://attackerkb.com/topics/cve-2024-42253 CVE - 2024-42253 DLA-4008-1
-
Microsoft Edge Chromium: CVE-2024-38219
Microsoft Edge Chromium: CVE-2024-38219 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/09/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-38219 CVE - 2024-38219 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38219
-
FreeBSD: VID-587ED8AC-5957-11EF-854A-001E676BF734: OpenHAB CometVisu addon -- Multiple vulnerabilities
FreeBSD: VID-587ED8AC-5957-11EF-854A-001E676BF734: OpenHAB CometVisu addon -- Multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/09/2024 Created 08/14/2024 Added 08/13/2024 Modified 08/13/2024 Description OpenHAB reports: This patch release addresses the following security advisories: SSRF/XSS (CometVisu) - GHSA-v7gr-mqpj-wwh3 Sensitive information disclosure (CometVisu) - GHSA-3g4c-hjhr-73rj RCE through path traversal (CometVisu) - GHSA-f729-58x4-gqgf Path traversal (CometVisu) - GHSA-pcwp-26pw-j98w All of these are related to the CometVisu add-on for openHAB - if you are a user of CometVisu, we strongly recommend to upgrade your system to openHAB 4.2.1 in order to fix those vulnerabilities. Solution(s) freebsd-upgrade-package-openhab-addons
-
Debian: CVE-2024-42365: asterisk -- security update
Debian: CVE-2024-42365: asterisk -- security update Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/08/2024 Created 10/23/2024 Added 10/22/2024 Modified 01/28/2025 Description Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with `write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs because they are able to curl remote files and write them to disk, but are also able to append to existing files using the `FILE` function inside the `SET` application. This issue may result in privilege escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol. Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2 contain a fix for this issue. Solution(s) debian-upgrade-asterisk References https://attackerkb.com/topics/cve-2024-42365 CVE - 2024-42365 DLA-3925-1
-
Debian: CVE-2024-5290: wpa -- security update
Debian: CVE-2024-5290: wpa -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 08/08/2024 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root). Membership in the netdev group or access to the dbus interface of wpa_supplicant allow an unprivileged user to specify an arbitrary path to a module to be loaded by the wpa_supplicant process; other escalation paths might exist. Solution(s) debian-upgrade-wpa References https://attackerkb.com/topics/cve-2024-5290 CVE - 2024-5290 DSA-5739-1
-
VMware Photon OS: CVE-2024-7006
VMware Photon OS: CVE-2024-7006 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/08/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-7006 CVE - 2024-7006
-
Oracle Linux: CVE-2024-7348: ELSA-2024-5927: postgresql:16 security update (IMPORTANT) (Multiple Advisories)
Oracle Linux: CVE-2024-7348: ELSA-2024-5927: postgresql:16 security update (IMPORTANT) (Multiple Advisories) Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 08/08/2024 Created 10/18/2024 Added 10/16/2024 Modified 01/08/2025 Description Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. A vulnerability was found in PostgreSQL. A Race condition in pg_dump allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. Solution(s) oracle-linux-upgrade-pgaudit oracle-linux-upgrade-pg-repack oracle-linux-upgrade-postgres-decoderbufs oracle-linux-upgrade-postgresql oracle-linux-upgrade-postgresql-contrib oracle-linux-upgrade-postgresql-devel oracle-linux-upgrade-postgresql-docs oracle-linux-upgrade-postgresql-libs oracle-linux-upgrade-postgresql-plperl oracle-linux-upgrade-postgresql-plpython oracle-linux-upgrade-postgresql-plpython3 oracle-linux-upgrade-postgresql-pltcl oracle-linux-upgrade-postgresql-private-devel oracle-linux-upgrade-postgresql-private-libs oracle-linux-upgrade-postgresql-server oracle-linux-upgrade-postgresql-server-devel oracle-linux-upgrade-postgresql-static oracle-linux-upgrade-postgresql-test oracle-linux-upgrade-postgresql-test-rpm-macros oracle-linux-upgrade-postgresql-upgrade oracle-linux-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-7348 CVE - 2024-7348 ELSA-2024-5927 ELSA-2024-6018 ELSA-2024-6000 ELSA-2024-6001 ELSA-2024-5999 ELSA-2024-6020 ELSA-2024-5929 ELSA-2024-8495
-
Alma Linux: CVE-2024-2201: Important: kernel security update (Multiple Advisories)
Alma Linux: CVE-2024-2201: Important: kernel security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/08/2024 Created 08/13/2024 Added 08/12/2024 Modified 12/23/2024 Description A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra 
alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv References https://attackerkb.com/topics/cve-2024-2201 CVE - 2024-2201 https://errata.almalinux.org/8/ALSA-2024-5101.html https://errata.almalinux.org/8/ALSA-2024-5102.html https://errata.almalinux.org/9/ALSA-2024-8617.html
-
Amazon Linux 2023: CVE-2024-7348: Important priority package update for postgresql15
Amazon Linux 2023: CVE-2024-7348: Important priority package update for postgresql15 Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 08/08/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. A vulnerability was found in PostgreSQL. A Race condition in pg_dump allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. Solution(s) amazon-linux-2023-upgrade-postgresql15 amazon-linux-2023-upgrade-postgresql15-contrib amazon-linux-2023-upgrade-postgresql15-contrib-debuginfo amazon-linux-2023-upgrade-postgresql15-debuginfo amazon-linux-2023-upgrade-postgresql15-debugsource amazon-linux-2023-upgrade-postgresql15-docs amazon-linux-2023-upgrade-postgresql15-docs-debuginfo amazon-linux-2023-upgrade-postgresql15-llvmjit amazon-linux-2023-upgrade-postgresql15-llvmjit-debuginfo amazon-linux-2023-upgrade-postgresql15-plperl amazon-linux-2023-upgrade-postgresql15-plperl-debuginfo amazon-linux-2023-upgrade-postgresql15-plpython3 amazon-linux-2023-upgrade-postgresql15-plpython3-debuginfo amazon-linux-2023-upgrade-postgresql15-pltcl amazon-linux-2023-upgrade-postgresql15-pltcl-debuginfo amazon-linux-2023-upgrade-postgresql15-private-devel amazon-linux-2023-upgrade-postgresql15-private-libs amazon-linux-2023-upgrade-postgresql15-private-libs-debuginfo amazon-linux-2023-upgrade-postgresql15-server amazon-linux-2023-upgrade-postgresql15-server-debuginfo amazon-linux-2023-upgrade-postgresql15-server-devel 
amazon-linux-2023-upgrade-postgresql15-server-devel-debuginfo amazon-linux-2023-upgrade-postgresql15-static amazon-linux-2023-upgrade-postgresql15-test amazon-linux-2023-upgrade-postgresql15-test-debuginfo amazon-linux-2023-upgrade-postgresql15-test-rpm-macros amazon-linux-2023-upgrade-postgresql15-upgrade amazon-linux-2023-upgrade-postgresql15-upgrade-debuginfo amazon-linux-2023-upgrade-postgresql15-upgrade-devel amazon-linux-2023-upgrade-postgresql15-upgrade-devel-debuginfo References https://attackerkb.com/topics/cve-2024-7348 CVE - 2024-7348 https://alas.aws.amazon.com/AL2023/ALAS-2024-702.html
-
VMware Photon OS: CVE-2024-43168
VMware Photon OS: CVE-2024-43168 Severity 4 CVSS (AV:L/AC:L/Au:S/C:P/I:P/A:P) Published 08/08/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-43168 CVE - 2024-43168
-
Red Hat: CVE-2024-7348: postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (Multiple Advisories)
Red Hat: CVE-2024-7348: postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (Multiple Advisories) Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 08/08/2024 Created 09/14/2024 Added 09/13/2024 Modified 09/13/2024 Description Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. Solution(s) redhat-upgrade-pg_repack redhat-upgrade-pg_repack-debuginfo redhat-upgrade-pg_repack-debugsource redhat-upgrade-pgaudit redhat-upgrade-pgaudit-debuginfo redhat-upgrade-pgaudit-debugsource redhat-upgrade-postgres-decoderbufs redhat-upgrade-postgres-decoderbufs-debuginfo redhat-upgrade-postgres-decoderbufs-debugsource redhat-upgrade-postgresql redhat-upgrade-postgresql-contrib redhat-upgrade-postgresql-contrib-debuginfo redhat-upgrade-postgresql-debuginfo redhat-upgrade-postgresql-debugsource redhat-upgrade-postgresql-docs redhat-upgrade-postgresql-docs-debuginfo redhat-upgrade-postgresql-plperl redhat-upgrade-postgresql-plperl-debuginfo redhat-upgrade-postgresql-plpython3 redhat-upgrade-postgresql-plpython3-debuginfo redhat-upgrade-postgresql-pltcl redhat-upgrade-postgresql-pltcl-debuginfo redhat-upgrade-postgresql-private-devel redhat-upgrade-postgresql-private-libs redhat-upgrade-postgresql-private-libs-debuginfo redhat-upgrade-postgresql-server redhat-upgrade-postgresql-server-debuginfo redhat-upgrade-postgresql-server-devel redhat-upgrade-postgresql-server-devel-debuginfo redhat-upgrade-postgresql-static redhat-upgrade-postgresql-test redhat-upgrade-postgresql-test-debuginfo 
redhat-upgrade-postgresql-test-rpm-macros redhat-upgrade-postgresql-upgrade redhat-upgrade-postgresql-upgrade-debuginfo redhat-upgrade-postgresql-upgrade-devel redhat-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2024-7348 RHSA-2024:5927 RHSA-2024:5929 RHSA-2024:5999 RHSA-2024:6000 RHSA-2024:6001 RHSA-2024:6018 RHSA-2024:6020 RHSA-2024:6137 RHSA-2024:6140 RHSA-2024:6141 RHSA-2024:6142 RHSA-2024:6145
-
VMware Photon OS: CVE-2024-7348
VMware Photon OS: CVE-2024-7348 Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 08/08/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-7348 CVE - 2024-7348