ISHACK AI BOT

OS X update for IOAcceleratorFamily (CVE-2023-42918) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/29/2024 Created 10/14/2024 Added 10/14/2024 Modified 10/16/2024 Description Deprecated Solution(s)

OS X update for WebKit (CVE-2024-40794) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/29/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025 Description This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication. Solution(s) apple-osx-upgrade-14_6 References https://attackerkb.com/topics/cve-2024-40794 CVE - 2024-40794 https://support.apple.com/en-us/120911

OS X update for WebKit (CVE-2024-40785) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/29/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025 Description This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack. Solution(s) apple-osx-upgrade-14_6 References https://attackerkb.com/topics/cve-2024-40785 CVE - 2024-40785 https://support.apple.com/en-us/120911

VMware Photon OS: CVE-2024-41020 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/29/2024 Created 01/21/2025 Added 01/20/2025 Modified 01/20/2025 Description In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was patching: The normal version, and the version for 64-bit offsets on 32-bit kernels. Thanks to Greg KH for stumbling over this while doing the stable backport... Apply exactly the same fix to the compat path for 32-bit kernels. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-41020 CVE - 2024-41020

VMware Photon OS: CVE-2024-41041 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/29/2024 Created 01/21/2025 Added 01/20/2025 Modified 01/20/2025 Description In the Linux kernel, the following vulnerability has been resolved: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). syzkaller triggered the warning [0] in udp_v4_early_demux(). In udp_v[46]_early_demux() and sk_lookup(), we do not touch the refcount of the looked-up sk and use sock_pfree() as skb->destructor, so we check SOCK_RCU_FREE to ensure that the sk is safe to access during the RCU grace period. Currently, SOCK_RCU_FREE is flagged for a bound socket after being put into the hash table.Moreover, the SOCK_RCU_FREE check is done too early in udp_v[46]_early_demux() and sk_lookup(), so there could be a small race window: CPU1 CPU2 ---- ---- udp_v4_early_demux() udp_lib_get_port() ||- hlist_add_head_rcu() |- sk = __udp4_lib_demux_lookup()| |- DEBUG_NET_WARN_ON_ONCE(sk_is_refcounted(sk)); `- sock_set_flag(sk, SOCK_RCU_FREE) We had the same bug in TCP and fixed it in commit 871019b22d1b ("net: set SOCK_RCU_FREE before inserting socket into hashtable"). Let's apply the same fix for UDP. [0]: WARNING: CPU: 0 PID: 11198 at net/ipv4/udp.c:2599 udp_v4_early_demux+0x481/0xb70 net/ipv4/udp.c:2599 Modules linked in: CPU: 0 PID: 11198 Comm: syz-executor.1 Not tainted 6.9.0-g93bda33046e7 #13 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:udp_v4_early_demux+0x481/0xb70 net/ipv4/udp.c:2599 Code: c5 7a 15 fe bb 01 00 00 00 44 89 e9 31 ff d3 e3 81 e3 bf ef ff ff 89 de e8 2c 74 15 fe 85 db 0f 85 02 06 00 00 e8 9f 7a 15 fe <0f> 0b e8 98 7a 15 fe 49 8d 7e 60 e8 4f 39 2f fe 49 c7 46 60 20 52 RSP: 0018:ffffc9000ce3fa58 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8318c92c RDX: ffff888036ccde00 RSI: ffffffff8318c2f1 RDI: 0000000000000001 RBP: ffff88805a2dd6e0 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0001ffffffffffff R12: ffff88805a2dd680 R13: 0000000000000007 R14: ffff88800923f900 R15: ffff88805456004e FS:00007fc449127640(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000 CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc449126e38 CR3: 000000003de4b002 CR4: 0000000000770ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 PKRU: 55555554 Call Trace: <TASK> ip_rcv_finish_core.constprop.0+0xbdd/0xd20 net/ipv4/ip_input.c:349 ip_rcv_finish+0xda/0x150 net/ipv4/ip_input.c:447 NF_HOOK include/linux/netfilter.h:314 [inline] NF_HOOK include/linux/netfilter.h:308 [inline] ip_rcv+0x16c/0x180 net/ipv4/ip_input.c:569 __netif_receive_skb_one_core+0xb3/0xe0 net/core/dev.c:5624 __netif_receive_skb+0x21/0xd0 net/core/dev.c:5738 netif_receive_skb_internal net/core/dev.c:5824 [inline] netif_receive_skb+0x271/0x300 net/core/dev.c:5884 tun_rx_batched drivers/net/tun.c:1549 [inline] tun_get_user+0x24db/0x2c50 drivers/net/tun.c:2002 tun_chr_write_iter+0x107/0x1a0 drivers/net/tun.c:2048 new_sync_write fs/read_write.c:497 [inline] vfs_write+0x76f/0x8d0 fs/read_write.c:590 ksys_write+0xbf/0x190 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0x41/0x50 fs/read_write.c:652 x64_sys_call+0xe66/0x1990 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x4b/0x110 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7fc44a68bc1f Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 e9 cf f5 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 3c d0 f5 ff 48 RSP: 002b:00007fc449126c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00000000004bc050 RCX: 00007fc44a68bc1f R ---truncated--- Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-41041 CVE - 2024-41041

VMware Photon OS: CVE-2024-41048 Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/29/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/05/2025 Description In the Linux kernel, the following vulnerability has been resolved: skmsg: Skip zero length skb in sk_msg_recvmsg When running BPF selftests (./test_progs -t sockmap_basic) on a Loongarch platform, the following kernel panic occurs: [...] Oops[#1]: CPU: 22 PID: 2824 Comm: test_progs Tainted: G OE6.10.0-rc2+ #18 Hardware name: LOONGSON Dabieshan/Loongson-TC542F0, BIOS Loongson-UDK2018 ... ... ra: 90000000048bf6c0 sk_msg_recvmsg+0x120/0x560 ERA: 9000000004162774 copy_page_to_iter+0x74/0x1c0 CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) PRMD: 0000000c (PPLV0 +PIE +PWE) EUEN: 00000007 (+FPE +SXE +ASXE -BTE) ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7) ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0) BADV: 0000000000000040 PRID: 0014c011 (Loongson-64bit, Loongson-3C5000) Modules linked in: bpf_testmod(OE) xt_CHECKSUM xt_MASQUERADE xt_conntrack Process test_progs (pid: 2824, threadinfo=0000000000863a31, task=...) Stack : ... Call Trace: [<9000000004162774>] copy_page_to_iter+0x74/0x1c0 [<90000000048bf6c0>] sk_msg_recvmsg+0x120/0x560 [<90000000049f2b90>] tcp_bpf_recvmsg_parser+0x170/0x4e0 [<90000000049aae34>] inet_recvmsg+0x54/0x100 [<900000000481ad5c>] sock_recvmsg+0x7c/0xe0 [<900000000481e1a8>] __sys_recvfrom+0x108/0x1c0 [<900000000481e27c>] sys_recvfrom+0x1c/0x40 [<9000000004c076ec>] do_syscall+0x8c/0xc0 [<9000000003731da4>] handle_syscall+0xc4/0x160 Code: ... ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Fatal exception Kernel relocated by 0x3510000 .text @ 0x9000000003710000 .data @ 0x9000000004d70000 .bss@ 0x9000000006469400 ---[ end Kernel panic - not syncing: Fatal exception ]--- [...] This crash happens every time when running sockmap_skb_verdict_shutdown subtest in sockmap_basic. This crash is because a NULL pointer is passed to page_address() in the sk_msg_recvmsg(). Due to the different implementations depending on the architecture, page_address(NULL) will trigger a panic on Loongarch platform but not on x86 platform. So this bug was hidden on x86 platform for a while, but now it is exposed on Loongarch platform. The root cause is that a zero length skb (skb->len == 0) was put on the queue. This zero length skb is a TCP FIN packet, which was sent by shutdown(), invoked in test_sockmap_skb_verdict_shutdown(): shutdown(p1, SHUT_WR); In this case, in sk_psock_skb_ingress_enqueue(), num_sge is zero, and no page is put to this sge (see sg_set_page in sg_set_page), but this empty sge is queued into ingress_msg list. And in sk_msg_recvmsg(), this empty sge is used, and a NULL page is got by sg_page(sge). Pass this NULL page to copy_page_to_iter(), which passes it to kmap_local_page() and to page_address(), then kernel panics. To solve this, we should skip this zero length skb. So in sk_msg_recvmsg(), if copy is zero, that means it's a zero length skb, skip invoking copy_page_to_iter(). We are using the EFAULT return triggered by copy_page_to_iter to check for is_fin in tcp_bpf.c. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-41048 CVE - 2024-41048

Microsoft Edge Chromium: CVE-2024-6998 Use after free in User Education Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Use after free in User Education in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-6998 CVE - 2024-6998 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6998

Microsoft Edge Chromium: CVE-2024-6989 Use after free in Loader Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-6989 CVE - 2024-6989 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6989

Microsoft Edge Chromium: CVE-2024-6996 Race in Frames Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:P/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-6996 CVE - 2024-6996 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6996

Microsoft Edge Chromium: CVE-2024-39379 Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Acrobat for Edge versions 126.0.2592.81 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-39379 CVE - 2024-39379 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39379

Automation 360 Automation Anywhere SSRF vulnerability (CVE-2024-6922) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 07/29/2024 Description Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF). An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web requests from the server. Solution(s) automation-anywhere-automation-360-upgrade-latest References https://attackerkb.com/topics/cve-2024-6922 CVE - 2024-6922

Microsoft Edge Chromium: CVE-2024-6988 Use after free in Downloads Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Use after free in Downloads in Google Chrome on iOS prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-6988 CVE - 2024-6988 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6988

Microsoft Edge Chromium: CVE-2024-6999 Inappropriate implementation in FedCM Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-6999 CVE - 2024-6999 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6999

FreeBSD: VID-3E917407-4B3F-11EF-8E49-001999F8D30B: Mailpit -- Content Security Policy XSS Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/26/2024 Created 07/30/2024 Added 07/26/2024 Modified 07/26/2024 Description Mailpit developer reports: A vulnerability was discovered which allowed a bad actor with SMTP access to Mailpit to bypass the Content Security Policy headers using a series of crafted HTML messages which could result in a stored XSS attack via the web UI. Solution(s) freebsd-upgrade-package-mailpit

Debian: CVE-2024-35161: trafficserver -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/26/2024 Created 08/28/2024 Added 08/28/2024 Modified 01/28/2025 Description Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. Solution(s) debian-upgrade-trafficserver References https://attackerkb.com/topics/cve-2024-35161 CVE - 2024-35161 DSA-5758-1

Debian: CVE-2024-35296: trafficserver -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:P) Published 07/26/2024 Created 08/28/2024 Added 08/28/2024 Modified 01/28/2025 Description Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. Solution(s) debian-upgrade-trafficserver References https://attackerkb.com/topics/cve-2024-35296 CVE - 2024-35296 DSA-5758-1

Debian: CVE-2023-38522: trafficserver -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/26/2024 Created 08/28/2024 Added 08/28/2024 Modified 01/28/2025 Description Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. Solution(s) debian-upgrade-trafficserver References https://attackerkb.com/topics/cve-2023-38522 CVE - 2023-38522 DSA-5758-1

Microsoft Edge Chromium: CVE-2024-7001 Inappropriate implementation in HTML Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-7001 CVE - 2024-7001 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7001

Amazon Linux AMI 2: CVE-2024-40897: Security patch for orc (ALAS-2025-2727) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 07/26/2024 Created 01/11/2025 Added 01/10/2025 Modified 01/30/2025 Description Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments. Solution(s) amazon-linux-ami-2-upgrade-orc amazon-linux-ami-2-upgrade-orc-compiler amazon-linux-ami-2-upgrade-orc-debuginfo amazon-linux-ami-2-upgrade-orc-devel amazon-linux-ami-2-upgrade-orc-doc References https://attackerkb.com/topics/cve-2024-40897 AL2/ALAS-2025-2727 CVE - 2024-40897

Red Hat: CVE-2024-40897: orc: Stack-based buffer overflow vulnerability in ORC (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 07/26/2024 Created 09/14/2024 Added 09/13/2024 Modified 09/13/2024 Description Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments. Solution(s) redhat-upgrade-orc redhat-upgrade-orc-compiler redhat-upgrade-orc-compiler-debuginfo redhat-upgrade-orc-debuginfo redhat-upgrade-orc-debugsource redhat-upgrade-orc-devel References CVE-2024-40897 RHSA-2024:5306 RHSA-2024:5638 RHSA-2024:6184

Ubuntu: (Multiple Advisories) (CVE-2024-40897): ORC vulnerability Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 07/26/2024 Created 08/20/2024 Added 08/19/2024 Modified 01/30/2025 Description Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments. Solution(s) ubuntu-pro-upgrade-liborc-0-4-0 ubuntu-pro-upgrade-liborc-0-4-0t64 ubuntu-pro-upgrade-liborc-0-4-dev References https://attackerkb.com/topics/cve-2024-40897 CVE - 2024-40897 USN-6964-1 USN-6964-2

Microsoft Edge Chromium: CVE-2024-7000 Use after free in CSS Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-7000 CVE - 2024-7000 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7000

Microsoft Edge Chromium: CVE-2024-7005 Insufficient validation of untrusted input in Safe Browsing Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-7005 CVE - 2024-7005 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7005

Microsoft Edge Chromium: CVE-2024-7004 Insufficient validation of untrusted input in Safe Browsing Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-7004 CVE - 2024-7004 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-7004

Microsoft Edge Chromium: CVE-2024-6995 Inappropriate implementation in Fullscreen Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/26/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025 Description Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-6995 CVE - 2024-6995 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6995