ISHACK AI BOT

F5 Networks: CVE-2024-1737: K000140732: BIND vulnerability CVE-2024-1737 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/23/2024 Created 08/27/2024 Added 08/23/2024 Modified 01/28/2025 Description Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-1737 CVE - 2024-1737 https://my.f5.com/manage/s/article/K000140732

Debian: CVE-2024-4076: bind9 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/23/2024 Created 07/30/2024 Added 07/29/2024 Modified 07/31/2024 Description Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1. Solution(s) debian-upgrade-bind9 References https://attackerkb.com/topics/cve-2024-4076 CVE - 2024-4076 DSA-5734-1

VMware Photon OS: CVE-2024-41012 Severity 5 CVSS (AV:L/AC:H/Au:S/C:C/I:N/A:C) Published 07/23/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created lock with do_lock_file_wait(). However, LSMs can allow the first do_lock_file_wait() that created the lock while denying the second do_lock_file_wait() that tries to remove the lock. Separately, posix_lock_file() could also fail to remove a lock due to GFP_KERNEL allocation failure (when splitting a range in the middle). After the bug has been triggered, use-after-free reads will occur in lock_get_status() when userspace reads /proc/locks. This can likely be used to read arbitrary kernel memory, but can't corrupt kernel memory. Fix it by calling locks_remove_posix() instead, which is designed to reliably get rid of POSIX locks associated with the given file and files_struct and is also used by filp_flush(). Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-41012 CVE - 2024-41012

Alma Linux: CVE-2024-4076: Important: bind9.16 security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/23/2024 Created 08/23/2024 Added 08/22/2024 Modified 09/18/2024 Description Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1. Solution(s) alma-upgrade-bind alma-upgrade-bind-chroot alma-upgrade-bind-devel alma-upgrade-bind-dnssec-doc alma-upgrade-bind-dnssec-utils alma-upgrade-bind-doc alma-upgrade-bind-dyndb-ldap alma-upgrade-bind-libs alma-upgrade-bind-license alma-upgrade-bind-utils alma-upgrade-bind9.16 alma-upgrade-bind9.16-chroot alma-upgrade-bind9.16-devel alma-upgrade-bind9.16-dnssec-utils alma-upgrade-bind9.16-doc alma-upgrade-bind9.16-libs alma-upgrade-bind9.16-license alma-upgrade-bind9.16-utils alma-upgrade-python3-bind alma-upgrade-python3-bind9.16 References https://attackerkb.com/topics/cve-2024-4076 CVE - 2024-4076 https://errata.almalinux.org/8/ALSA-2024-5390.html https://errata.almalinux.org/9/ALSA-2024-5231.html

Huawei EulerOS: CVE-2024-40725: httpd security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/18/2024 Created 12/13/2024 Added 12/12/2024 Modified 01/30/2025 Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. Solution(s) huawei-euleros-2_0_sp12-upgrade-httpd huawei-euleros-2_0_sp12-upgrade-httpd-filesystem huawei-euleros-2_0_sp12-upgrade-httpd-tools huawei-euleros-2_0_sp12-upgrade-mod_ssl References https://attackerkb.com/topics/cve-2024-40725 CVE - 2024-40725 EulerOS-SA-2024-2952

Red Hat: CVE-2024-41184: keepalived: Integer overflow vulnerability in vrrp_ipsets_handler (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:P) Published 07/18/2024 Created 01/31/2025 Added 01/30/2025 Modified 02/05/2025 Description In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. Solution(s) redhat-upgrade-keepalived redhat-upgrade-keepalived-debuginfo redhat-upgrade-keepalived-debugsource References CVE-2024-41184 RHSA-2025:0743 RHSA-2025:0917

Apache HTTPD: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (CVE-2024-40898) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 07/18/2024 Created 10/14/2024 Added 10/14/2024 Modified 12/03/2024 Description SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. Solution(s) apache-httpd-upgrade-latest References https://attackerkb.com/topics/cve-2024-40898 http://www.openwall.com/lists/oss-security/2024/07/17/7 https://httpd.apache.org/security/vulnerabilities_24.html https://security.netapp.com/advisory/ntap-20240808-0006/ CVE - 2024-40898

Debian: CVE-2024-40725: apache2 -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/18/2024 Created 09/03/2024 Added 09/02/2024 Modified 01/30/2025 Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. Solution(s) debian-upgrade-apache2 References https://attackerkb.com/topics/cve-2024-40725 CVE - 2024-40725

Alma Linux: CVE-2024-41184: Moderate: keepalived security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/18/2024 Created 01/31/2025 Added 01/30/2025 Modified 02/10/2025 Description In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. Solution(s) alma-upgrade-keepalived References https://attackerkb.com/topics/cve-2024-41184 CVE - 2024-41184 https://errata.almalinux.org/8/ALSA-2025-0743.html https://errata.almalinux.org/9/ALSA-2025-0917.html

Alpine Linux: CVE-2024-40725: Vulnerability in Multiple Components Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/18/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. Solution(s) alpine-linux-upgrade-apache2 References https://attackerkb.com/topics/cve-2024-40725 CVE - 2024-40725 https://security.alpinelinux.org/vuln/CVE-2024-40725

Alpine Linux: CVE-2024-31143: Vulnerability in Multiple Components Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/18/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/01/2024 Description An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors.Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go.In this handling an error path could be taken in different situations, with or without a particular lock held.This error path wrongly releases the lock even when it is not currently held. Solution(s) alpine-linux-upgrade-xen References https://attackerkb.com/topics/cve-2024-31143 CVE - 2024-31143 https://security.alpinelinux.org/vuln/CVE-2024-31143

Gentoo Linux: CVE-2024-40725: Apache HTTPD: Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/18/2024 Created 10/01/2024 Added 09/30/2024 Modified 01/30/2025 Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. Solution(s) gentoo-linux-upgrade-www-servers-apache References https://attackerkb.com/topics/cve-2024-40725 CVE - 2024-40725 202409-31

Gentoo Linux: CVE-2024-40898: Apache HTTPD: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 07/18/2024 Created 10/01/2024 Added 09/30/2024 Modified 01/28/2025 Description SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. Solution(s) gentoo-linux-upgrade-www-servers-apache References https://attackerkb.com/topics/cve-2024-40898 CVE - 2024-40898 202409-31

Alpine Linux: CVE-2024-40898: Server-Side Request Forgery (SSRF) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 07/18/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. Solution(s) alpine-linux-upgrade-apache2 References https://attackerkb.com/topics/cve-2024-40898 CVE - 2024-40898 https://security.alpinelinux.org/vuln/CVE-2024-40898

Rocky Linux: CVE-2024-41184: keepalived (RLSA-2025-0743) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/18/2024 Created 02/15/2025 Added 02/14/2025 Modified 02/14/2025 Description In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. Solution(s) rocky-upgrade-keepalived rocky-upgrade-keepalived-debuginfo rocky-upgrade-keepalived-debugsource References https://attackerkb.com/topics/cve-2024-41184 CVE - 2024-41184 https://errata.rockylinux.org/RLSA-2025:0743

Cisco Catalyst SD-WAN Obsolete Version Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/18/2024 Created 07/19/2024 Added 07/18/2024 Modified 08/22/2024 Description Cisco announces the end-of-life dates for the SDWAN. Solution(s) cisco-catalyst-sdwan-update-latest References https://www.cisco.com/c/en/us/products/routers/sd-wan/eos-eol-notice-listing.html

SUSE: CVE-2024-41011: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/18/2024 Created 08/08/2024 Added 08/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case.The GPU has an unused 4K area of the register BAR space into which you can remap registers.We remap the HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when it updates VRAM.However, on systems with >4K pages, we end up exposing PAGE_SIZE of MMIO space. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2024-41011 CVE - 2024-41011

Oracle Linux: CVE-2024-41011: ELSA-2024-12813: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:M/C:C/I:N/A:N) Published 07/18/2024 Created 11/23/2024 Added 11/21/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case.The GPU has an unused 4K area of the register BAR space into which you can remap registers.We remap the HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when it updates VRAM.However, on systems with >4K pages, we end up exposing PAGE_SIZE of MMIO space. Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2024-41011 CVE - 2024-41011 ELSA-2024-12813 ELSA-2024-12815

Amazon Linux 2023: CVE-2024-40725: Important priority package update for httpd Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 07/18/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. A flaw was found in httpd. The fix for CVE-2024-39884 ignores some uses of the legacy content-type based configuration of handlers. "AddType" and similar configurations, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Solution(s) amazon-linux-2023-upgrade-httpd amazon-linux-2023-upgrade-httpd-core amazon-linux-2023-upgrade-httpd-core-debuginfo amazon-linux-2023-upgrade-httpd-debuginfo amazon-linux-2023-upgrade-httpd-debugsource amazon-linux-2023-upgrade-httpd-devel amazon-linux-2023-upgrade-httpd-filesystem amazon-linux-2023-upgrade-httpd-manual amazon-linux-2023-upgrade-httpd-tools amazon-linux-2023-upgrade-httpd-tools-debuginfo amazon-linux-2023-upgrade-mod-ldap amazon-linux-2023-upgrade-mod-ldap-debuginfo amazon-linux-2023-upgrade-mod-lua amazon-linux-2023-upgrade-mod-lua-debuginfo amazon-linux-2023-upgrade-mod-proxy-html amazon-linux-2023-upgrade-mod-proxy-html-debuginfo amazon-linux-2023-upgrade-mod-session amazon-linux-2023-upgrade-mod-session-debuginfo amazon-linux-2023-upgrade-mod-ssl amazon-linux-2023-upgrade-mod-ssl-debuginfo References https://attackerkb.com/topics/cve-2024-40725 CVE - 2024-40725 https://alas.aws.amazon.com/AL2023/ALAS-2024-681.html

Amazon Linux AMI 2: CVE-2024-40725: Security patch for httpd (ALAS-2024-2606) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/18/2024 Created 08/14/2024 Added 08/14/2024 Modified 01/30/2025 Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. Solution(s) amazon-linux-ami-2-upgrade-httpd amazon-linux-ami-2-upgrade-httpd-debuginfo amazon-linux-ami-2-upgrade-httpd-devel amazon-linux-ami-2-upgrade-httpd-filesystem amazon-linux-ami-2-upgrade-httpd-manual amazon-linux-ami-2-upgrade-httpd-tools amazon-linux-ami-2-upgrade-mod_ldap amazon-linux-ami-2-upgrade-mod_md amazon-linux-ami-2-upgrade-mod_proxy_html amazon-linux-ami-2-upgrade-mod_session amazon-linux-ami-2-upgrade-mod_ssl References https://attackerkb.com/topics/cve-2024-40725 AL2/ALAS-2024-2606 CVE - 2024-40725

Vulnerabilities deemed not relevant on Mac OS X Severity 1 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:N) Published 07/18/2024 Created 07/19/2024 Added 07/18/2024 Modified 07/18/2024 Description This is a placeholder for all CVEs that are not relevant for one reason or another on Mac OS X. Mac OS X makes this determination because the affected software was shipped, built or configured in a manner that it made it invulnerable to a given vulnerability. Solution(s) References https://attackerkb.com/topics/cve-2024-6387 CVE - 2024-6387

Ubuntu: (Multiple Advisories) (CVE-2024-41011): Linux kernel vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/18/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case.The GPU has an unused 4K area of the register BAR space into which you can remap registers.We remap the HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when it updates VRAM.However, on systems with >4K pages, we end up exposing PAGE_SIZE of MMIO space. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1038-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1055-gkeop ubuntu-upgrade-linux-image-5-15-0-1065-ibm ubuntu-upgrade-linux-image-5-15-0-1065-raspi ubuntu-upgrade-linux-image-5-15-0-1067-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1067-nvidia ubuntu-upgrade-linux-image-5-15-0-1067-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1069-gke ubuntu-upgrade-linux-image-5-15-0-1069-kvm ubuntu-upgrade-linux-image-5-15-0-1070-oracle ubuntu-upgrade-linux-image-5-15-0-1071-gcp ubuntu-upgrade-linux-image-5-15-0-1072-aws ubuntu-upgrade-linux-image-5-15-0-1075-azure ubuntu-upgrade-linux-image-5-15-0-1078-azure ubuntu-upgrade-linux-image-5-15-0-125-generic ubuntu-upgrade-linux-image-5-15-0-125-generic-64k ubuntu-upgrade-linux-image-5-15-0-125-generic-lpae ubuntu-upgrade-linux-image-5-15-0-125-lowlatency ubuntu-upgrade-linux-image-5-15-0-125-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1044-iot ubuntu-upgrade-linux-image-5-4-0-1054-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1082-ibm ubuntu-upgrade-linux-image-5-4-0-1094-bluefield ubuntu-upgrade-linux-image-5-4-0-1102-gkeop ubuntu-upgrade-linux-image-5-4-0-1119-raspi ubuntu-upgrade-linux-image-5-4-0-1123-kvm ubuntu-upgrade-linux-image-5-4-0-1134-oracle ubuntu-upgrade-linux-image-5-4-0-1135-aws ubuntu-upgrade-linux-image-5-4-0-1139-azure ubuntu-upgrade-linux-image-5-4-0-1139-gcp ubuntu-upgrade-linux-image-5-4-0-1140-azure ubuntu-upgrade-linux-image-5-4-0-200-generic ubuntu-upgrade-linux-image-5-4-0-200-generic-lpae ubuntu-upgrade-linux-image-5-4-0-200-lowlatency ubuntu-upgrade-linux-image-6-8-0-1008-gke ubuntu-upgrade-linux-image-6-8-0-1009-raspi ubuntu-upgrade-linux-image-6-8-0-1010-ibm ubuntu-upgrade-linux-image-6-8-0-1010-oem ubuntu-upgrade-linux-image-6-8-0-1010-oracle ubuntu-upgrade-linux-image-6-8-0-1010-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1012-azure ubuntu-upgrade-linux-image-6-8-0-1012-azure-fde ubuntu-upgrade-linux-image-6-8-0-1012-gcp ubuntu-upgrade-linux-image-6-8-0-1013-aws ubuntu-upgrade-linux-image-6-8-0-40-generic ubuntu-upgrade-linux-image-6-8-0-40-generic-64k ubuntu-upgrade-linux-image-6-8-0-40-lowlatency ubuntu-upgrade-linux-image-6-8-0-40-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-41011 CVE - 2024-41011 USN-6949-1 USN-6949-2 USN-6952-1 USN-6952-2 USN-6955-1 USN-7088-1 USN-7088-2 USN-7088-3 USN-7088-4 USN-7088-5 USN-7100-1 USN-7100-2 USN-7119-1 USN-7123-1 USN-7144-1 USN-7194-1 View more

Huawei EulerOS: CVE-2024-40725: httpd security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 07/18/2024 Created 01/15/2025 Added 01/14/2025 Modified 01/30/2025 Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. Solution(s) huawei-euleros-2_0_sp10-upgrade-httpd huawei-euleros-2_0_sp10-upgrade-httpd-filesystem huawei-euleros-2_0_sp10-upgrade-httpd-tools huawei-euleros-2_0_sp10-upgrade-mod_ssl References https://attackerkb.com/topics/cve-2024-40725 CVE - 2024-40725 EulerOS-SA-2025-1023

OS X update for Model I/O (CVE-2023-42918) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 07/17/2024 Created 07/17/2024 Added 07/17/2024 Modified 01/28/2025 Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions. Solution(s) apple-osx-upgrade-14 References https://attackerkb.com/topics/cve-2023-42918 CVE - 2023-42918 https://support.apple.com/kb/HT213940

VMware Photon OS: CVE-2024-41011 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/18/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case.The GPU has an unused 4K area of the register BAR space into which you can remap registers.We remap the HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when it updates VRAM.However, on systems with >4K pages, we end up exposing PAGE_SIZE of MMIO space. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-41011 CVE - 2024-41011