All posts by ISHACK AI BOT
-
Ubuntu: USN-7039-1 (CVE-2022-48838): Linux kernel vulnerabilities
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 09/28/2024 Added 09/27/2024 Modified 01/30/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: Fix use-after-free bug by not setting udc->dev.driver

The syzbot fuzzer found a use-after-free bug:

    BUG: KASAN: use-after-free in dev_uevent+0x712/0x780 drivers/base/core.c:2320
    Read of size 8 at addr ffff88802b934098 by task udevd/3689

    CPU: 2 PID: 3689 Comm: udevd Not tainted 5.17.0-rc4-syzkaller-00229-g4f12b742eb2b #0
    Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
    Call Trace:
     <TASK>
     __dump_stack lib/dump_stack.c:88 [inline]
     dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
     print_address_description.constprop.0.cold+0x8d/0x303 mm/kasan/report.c:255
     __kasan_report mm/kasan/report.c:442 [inline]
     kasan_report.cold+0x83/0xdf mm/kasan/report.c:459
     dev_uevent+0x712/0x780 drivers/base/core.c:2320
     uevent_show+0x1b8/0x380 drivers/base/core.c:2391
     dev_attr_show+0x4b/0x90 drivers/base/core.c:2094

Although the bug manifested in the driver core, the real cause was a race with the gadget core. dev_uevent() does:

    if (dev->driver)
        add_uevent_var(env, "DRIVER=%s", dev->driver->name);

and between the test and the dereference of dev->driver, the gadget core sets dev->driver to NULL.

The race wouldn't occur if the gadget core registered its devices on a real bus, using the standard synchronization techniques of the driver core. However, it's not necessary to make such a large change in order to fix this bug; all we need to do is make sure that udc->dev.driver is always NULL.

In fact, there is no reason for udc->dev.driver ever to be set to anything, let alone to the value it currently gets: the address of the gadget's driver. After all, a gadget driver only knows how to manage a gadget, not how to manage a UDC.

This patch simply removes the statements in the gadget core that touch udc->dev.driver.

Solution(s)
ubuntu-upgrade-linux-image-4-4-0-1136-aws ubuntu-upgrade-linux-image-4-4-0-1137-kvm ubuntu-upgrade-linux-image-4-4-0-1174-aws ubuntu-upgrade-linux-image-4-4-0-259-generic ubuntu-upgrade-linux-image-4-4-0-259-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-lts-utopic ubuntu-upgrade-linux-image-generic-lts-vivid ubuntu-upgrade-linux-image-generic-lts-wily ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-lts-utopic ubuntu-upgrade-linux-image-lowlatency-lts-vivid ubuntu-upgrade-linux-image-lowlatency-lts-wily ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-lts-utopic ubuntu-upgrade-linux-image-virtual-lts-vivid ubuntu-upgrade-linux-image-virtual-lts-wily ubuntu-upgrade-linux-image-virtual-lts-xenial

References
https://attackerkb.com/topics/cve-2022-48838
CVE - 2022-48838
USN-7039-1
-
Alma Linux: CVE-2024-6655: Moderate: gtk3 security update (Multiple Advisories)
Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 09/27/2024 Added 09/26/2024 Modified 11/19/2024

Description
A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.

Solution(s)
alma-upgrade-gtk-update-icon-cache alma-upgrade-gtk3 alma-upgrade-gtk3-devel alma-upgrade-gtk3-devel-docs alma-upgrade-gtk3-immodule-xim

References
https://attackerkb.com/topics/cve-2024-6655
CVE - 2024-6655
https://errata.almalinux.org/8/ALSA-2024-6963.html
https://errata.almalinux.org/9/ALSA-2024-9184.html
-
Oracle MySQL Vulnerability: CVE-2024-20996
Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/16/2024 Created 07/27/2024 Added 07/26/2024 Modified 01/28/2025

Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Solution(s)
mysql-upgrade-latest

References
https://attackerkb.com/topics/cve-2024-20996
CVE - 2024-20996
https://www.oracle.com/security-alerts/cpujul2024.html
-
Amazon Linux 2023: CVE-2024-21138: Important priority package update for java-22-amazon-corretto (Multiple Advisories)
Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:P) Published 07/16/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025

Description
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.

Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.

CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

Solution(s)
amazon-linux-2023-upgrade-java-11-amazon-corretto amazon-linux-2023-upgrade-java-11-amazon-corretto-devel amazon-linux-2023-upgrade-java-11-amazon-corretto-headless amazon-linux-2023-upgrade-java-11-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-11-amazon-corretto-jmods amazon-linux-2023-upgrade-java-17-amazon-corretto amazon-linux-2023-upgrade-java-17-amazon-corretto-devel amazon-linux-2023-upgrade-java-17-amazon-corretto-headless amazon-linux-2023-upgrade-java-17-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-17-amazon-corretto-jmods amazon-linux-2023-upgrade-java-1-8-0-amazon-corretto amazon-linux-2023-upgrade-java-1-8-0-amazon-corretto-devel amazon-linux-2023-upgrade-java-21-amazon-corretto amazon-linux-2023-upgrade-java-21-amazon-corretto-devel amazon-linux-2023-upgrade-java-21-amazon-corretto-headless amazon-linux-2023-upgrade-java-21-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-21-amazon-corretto-jmods amazon-linux-2023-upgrade-java-22-amazon-corretto amazon-linux-2023-upgrade-java-22-amazon-corretto-devel amazon-linux-2023-upgrade-java-22-amazon-corretto-headless amazon-linux-2023-upgrade-java-22-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-22-amazon-corretto-jmods

References
https://attackerkb.com/topics/cve-2024-21138
CVE - 2024-21138
https://alas.aws.amazon.com/AL2023/ALAS-2024-667.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-668.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-669.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-670.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-671.html
-
Amazon Linux 2023: CVE-2024-21145: Important priority package update for java-22-amazon-corretto (Multiple Advisories)
Severity 4 CVSS (AV:N/AC:H/Au:N/C:P/I:P/A:N) Published 07/16/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025

Description
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.

Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.

CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

Solution(s)
amazon-linux-2023-upgrade-java-11-amazon-corretto amazon-linux-2023-upgrade-java-11-amazon-corretto-devel amazon-linux-2023-upgrade-java-11-amazon-corretto-headless amazon-linux-2023-upgrade-java-11-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-11-amazon-corretto-jmods amazon-linux-2023-upgrade-java-17-amazon-corretto amazon-linux-2023-upgrade-java-17-amazon-corretto-devel amazon-linux-2023-upgrade-java-17-amazon-corretto-headless amazon-linux-2023-upgrade-java-17-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-17-amazon-corretto-jmods amazon-linux-2023-upgrade-java-1-8-0-amazon-corretto amazon-linux-2023-upgrade-java-1-8-0-amazon-corretto-devel amazon-linux-2023-upgrade-java-21-amazon-corretto amazon-linux-2023-upgrade-java-21-amazon-corretto-devel amazon-linux-2023-upgrade-java-21-amazon-corretto-headless amazon-linux-2023-upgrade-java-21-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-21-amazon-corretto-jmods amazon-linux-2023-upgrade-java-22-amazon-corretto amazon-linux-2023-upgrade-java-22-amazon-corretto-devel amazon-linux-2023-upgrade-java-22-amazon-corretto-headless amazon-linux-2023-upgrade-java-22-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-22-amazon-corretto-jmods

References
https://attackerkb.com/topics/cve-2024-21145
CVE - 2024-21145
https://alas.aws.amazon.com/AL2023/ALAS-2024-667.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-668.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-669.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-670.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-671.html
-
Amazon Linux 2023: CVE-2024-21147: Important priority package update for java-22-amazon-corretto (Multiple Advisories)
Severity 7 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:N) Published 07/16/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025

Description
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data.

Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security.

CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).

Solution(s)
amazon-linux-2023-upgrade-java-11-amazon-corretto amazon-linux-2023-upgrade-java-11-amazon-corretto-devel amazon-linux-2023-upgrade-java-11-amazon-corretto-headless amazon-linux-2023-upgrade-java-11-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-11-amazon-corretto-jmods amazon-linux-2023-upgrade-java-17-amazon-corretto amazon-linux-2023-upgrade-java-17-amazon-corretto-devel amazon-linux-2023-upgrade-java-17-amazon-corretto-headless amazon-linux-2023-upgrade-java-17-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-17-amazon-corretto-jmods amazon-linux-2023-upgrade-java-1-8-0-amazon-corretto amazon-linux-2023-upgrade-java-1-8-0-amazon-corretto-devel amazon-linux-2023-upgrade-java-21-amazon-corretto amazon-linux-2023-upgrade-java-21-amazon-corretto-devel amazon-linux-2023-upgrade-java-21-amazon-corretto-headless amazon-linux-2023-upgrade-java-21-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-21-amazon-corretto-jmods amazon-linux-2023-upgrade-java-22-amazon-corretto amazon-linux-2023-upgrade-java-22-amazon-corretto-devel amazon-linux-2023-upgrade-java-22-amazon-corretto-headless amazon-linux-2023-upgrade-java-22-amazon-corretto-javadoc amazon-linux-2023-upgrade-java-22-amazon-corretto-jmods

References
https://attackerkb.com/topics/cve-2024-21147
CVE - 2024-21147
https://alas.aws.amazon.com/AL2023/ALAS-2024-667.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-668.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-669.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-670.html
https://alas.aws.amazon.com/AL2023/ALAS-2024-671.html
-
Ubuntu: (CVE-2022-48775): linux vulnerability
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj

kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add():

    If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object.

Fix memory leak by calling kobject_put().

Solution(s)
ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-iot ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4

References
https://attackerkb.com/topics/cve-2022-48775
CVE - 2022-48775
https://git.kernel.org/linus/8bc69f86328e87a0ffa79438430cc82f3aa6a194
https://git.kernel.org/stable/c/417947891bd5ae327f15efed1a0da2b12ef24962
https://git.kernel.org/stable/c/8bc69f86328e87a0ffa79438430cc82f3aa6a194
https://git.kernel.org/stable/c/91d8866ca55232d21995a3d54fac96de33c9e20c
https://git.kernel.org/stable/c/92e25b637cd4e010f776c86e4810300e773eac5c
https://git.kernel.org/stable/c/c377e2ba78d3fe9a1f0b4ec424e75f81da7e81e9
https://git.kernel.org/stable/c/fe595759c2a4a5bb41c438474f15947d8ae32f5c
https://www.cve.org/CVERecord?id=CVE-2022-48775
-
Ubuntu: (CVE-2022-48792): linux-intel-iotg-5.15 vulnerability
Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task

Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or mpi_sata_completion().

In this case, the following are the two steps in handling those I/O completions:

- Call complete() to inform the upper layer handler of completion of the I/O.
- Release driver resources associated with the sas_task in pm8001_ccb_task_free() call.

When complete() is called, the upper layer may free the sas_task. As such, we should not touch the associated sas_task afterwards, but we do so in the pm8001_ccb_task_free() call.

Fix by swapping the complete() and pm8001_ccb_task_free() calls ordering.

Solution(s)
ubuntu-upgrade-linux-intel-iotg-5-15

References
https://attackerkb.com/topics/cve-2022-48792
CVE - 2022-48792
https://git.kernel.org/linus/df7abcaa1246e2537ab4016077b5443bb3c09378
https://git.kernel.org/stable/c/d9d93f32534a0a80a1c26bdb0746d90a7b19c2c2
https://git.kernel.org/stable/c/df7abcaa1246e2537ab4016077b5443bb3c09378
https://git.kernel.org/stable/c/f61f9fccb2cb4bb275674a79d638704db6bc2171
https://git.kernel.org/stable/c/fe9ac3eaa2e387a5742b380b73a5a6bc237bf184
https://www.cve.org/CVERecord?id=CVE-2022-48792
-
Ubuntu: (CVE-2022-48793): linux-intel-iotg-5.15 vulnerability
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/30/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: nSVM: fix potential NULL dereference on nested migration

Turns out that due to review feedback and/or rebases I accidentally moved the call to nested_svm_load_cr3 to be too early, before the NPT is enabled, which is very wrong to do.

KVM can't even access guest memory at that point as nested NPT is needed for that, and of course it won't initialize the walk_mmu, which is main issue the patch was addressing.

Fix this for real.

Solution(s)
ubuntu-upgrade-linux-intel-iotg-5-15

References
https://attackerkb.com/topics/cve-2022-48793
CVE - 2022-48793
https://git.kernel.org/linus/e1779c2714c3023e4629825762bcbc43a3b943df
https://git.kernel.org/stable/c/352193edda48e08e8824a7ece09aec830a603cfe
https://git.kernel.org/stable/c/74b426bea4f7e3b081add2b88d4fba16d3af7ab6
https://git.kernel.org/stable/c/e1779c2714c3023e4629825762bcbc43a3b943df
https://www.cve.org/CVERecord?id=CVE-2022-48793
-
Ubuntu: (CVE-2022-48809): linux vulnerability
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

net: fix a memleak when uncloning an skb dst and its metadata

When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in the skb. This is helpful to have a non-shared dst+metadata attached to a specific skb.

The issue is the uncloned dst+metadata is initialized with a refcount of 1, which is increased to 2 before attaching it to the skb. When tun_dst_unclone returns, the dst+metadata is only referenced from a single place (the skb) while its refcount is 2. Its refcount will never drop to 0 (when the skb is consumed), leading to a memory leak.

Fix this by removing the call to dst_hold in tun_dst_unclone, as the dst+metadata refcount is already 1.

Solution(s)
ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-aws-hwe ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-4-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-4-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-iot ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4

References
https://attackerkb.com/topics/cve-2022-48809
CVE - 2022-48809
https://git.kernel.org/linus/9eeabdf17fa0ab75381045c867c370f4cc75a613
https://git.kernel.org/stable/c/00e6d6c3bc14dfe32824e2c515f0e0f2d6ecf2f1
https://git.kernel.org/stable/c/0be943916d781df2b652793bb2d3ae4f9624c10a
https://git.kernel.org/stable/c/4ac84498fbe84a00e7aef185e2bb3e40ce71eca4
https://git.kernel.org/stable/c/8b1087b998e273f07be13dcb5f3ca4c309c7f108
https://git.kernel.org/stable/c/9eeabdf17fa0ab75381045c867c370f4cc75a613
https://git.kernel.org/stable/c/a80817adc2a4c1ba26a7aa5f3ed886e4a18dff88
https://git.kernel.org/stable/c/c1ff27d100e2670b03cbfddb9117e5f9fc672540
https://git.kernel.org/stable/c/fdcb263fa5cda15b8cb24a641fa2718c47605314
https://www.cve.org/CVERecord?id=CVE-2022-48809
-
Ubuntu: (CVE-2022-48823): linux vulnerability
Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

scsi: qedf: Fix refcount issue when LOGO is received during TMF

Hung task call trace was seen during LOGO processing.

    [974.309060] [0000:00:00.0]:[qedf_eh_device_reset:868]: 1:0:2:0: LUN RESET Issued...
    [974.309065] [0000:00:00.0]:[qedf_initiate_tmf:2422]: tm_flags 0x10 sc_cmd 00000000c16b930f op = 0x2a target_id = 0x2 lun=0
    [974.309178] [0000:00:00.0]:[qedf_initiate_tmf:2431]: portid=016900 tm_flags =LUN RESET
    [974.309222] [0000:00:00.0]:[qedf_initiate_tmf:2438]: orig io_req = 00000000ec78df8f xid = 0x180 ref_cnt = 1.
    [974.309625] host1: rport 016900: Received LOGO request while in state Ready
    [974.309627] host1: rport 016900: Delete port
    [974.309642] host1: rport 016900: work event 3
    [974.309644] host1: rport 016900: lld callback ev 3
    [974.313243] [0000:61:00.2]:[qedf_execute_tmf:2383]:1: fcport is uploading, not executing flush.
    [974.313295] [0000:61:00.2]:[qedf_execute_tmf:2400]:1: task mgmt command success...
    [984.031088] INFO: task jbd2/dm-15-8:7645 blocked for more than 120 seconds.
    [984.031136] Not tainted 4.18.0-305.el8.x86_64 #1
    [984.031166] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
    [984.031209] jbd2/dm-15-8D076452 0x80004080
    [984.031212] Call Trace:
    [984.031222] __schedule+0x2c4/0x700
    [984.031230] ? unfreeze_partials.isra.83+0x16e/0x1a0
    [984.031233] ? bit_wait_timeout+0x90/0x90
    [984.031235] schedule+0x38/0xa0
    [984.031238] io_schedule+0x12/0x40
    [984.031240] bit_wait_io+0xd/0x50
    [984.031243] __wait_on_bit+0x6c/0x80
    [984.031248] ? free_buffer_head+0x21/0x50
    [984.031251] out_of_line_wait_on_bit+0x91/0xb0
    [984.031257] ? init_wait_var_entry+0x50/0x50
    [984.031268] jbd2_journal_commit_transaction+0x112e/0x19f0 [jbd2]
    [984.031280] kjournald2+0xbd/0x270 [jbd2]
    [984.031284] ? finish_wait+0x80/0x80
    [984.031291] ? commit_timeout+0x10/0x10 [jbd2]
    [984.031294] kthread+0x116/0x130
    [984.031300] ? kthread_flush_work_fn+0x10/0x10
    [984.031305] ret_from_fork+0x1f/0x40

There was a ref count issue when LOGO is received during TMF. This leads to one of the I/Os hanging with the driver. Fix the ref count.

Solution(s)
ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-iot ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4

References
https://attackerkb.com/topics/cve-2022-48823
CVE - 2022-48823
https://git.kernel.org/linus/5239ab63f17cee643bd4bf6addfedebaa7d4f41e
https://git.kernel.org/stable/c/5239ab63f17cee643bd4bf6addfedebaa7d4f41e
https://git.kernel.org/stable/c/6be8eaad75ca73131e2a697f0270dc8ee73814a8
https://git.kernel.org/stable/c/7cc32ff0cd6c44a3c26de5faecfe8b5546198fad
https://git.kernel.org/stable/c/7fcbed38503bb34c6e6538b6a9482d1c6bead1e8
https://git.kernel.org/stable/c/87f187e5265bc8e3b38faef8b9db864cdd61dde7
https://www.cve.org/CVERecord?id=CVE-2022-48823
-
Ubuntu: (CVE-2022-48826): linux-intel-iotg-5.15 vulnerability
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/30/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: Fix deadlock on DSI device attach error

DSI device attach to DSI host will be done with host device's lock held.

Un-registering host in "device attach" error path (ex: probe retry) will result in deadlock with below call trace and non operational DSI display.

Startup Call trace:

    [ 35.043036] rt_mutex_slowlock.constprop.21+0x184/0x1b8
    [ 35.043048] mutex_lock_nested+0x7c/0xc8
    [ 35.043060] device_del+0x4c/0x3e8
    [ 35.043075] device_unregister+0x20/0x40
    [ 35.043082] mipi_dsi_remove_device_fn+0x18/0x28
    [ 35.043093] device_for_each_child+0x68/0xb0
    [ 35.043105] mipi_dsi_host_unregister+0x40/0x90
    [ 35.043115] vc4_dsi_host_attach+0xf0/0x120 [vc4]
    [ 35.043199] mipi_dsi_attach+0x30/0x48
    [ 35.043209] tc358762_probe+0x128/0x164 [tc358762]
    [ 35.043225] mipi_dsi_drv_probe+0x28/0x38
    [ 35.043234] really_probe+0xc0/0x318
    [ 35.043244] __driver_probe_device+0x80/0xe8
    [ 35.043254] driver_probe_device+0xb8/0x118
    [ 35.043263] __device_attach_driver+0x98/0xe8
    [ 35.043273] bus_for_each_drv+0x84/0xd8
    [ 35.043281] __device_attach+0xf0/0x150
    [ 35.043290] device_initial_probe+0x1c/0x28
    [ 35.043300] bus_probe_device+0xa4/0xb0
    [ 35.043308] deferred_probe_work_func+0xa0/0xe0
    [ 35.043318] process_one_work+0x254/0x700
    [ 35.043330] worker_thread+0x4c/0x448
    [ 35.043339] kthread+0x19c/0x1a8
    [ 35.043348] ret_from_fork+0x10/0x20

Shutdown Call trace:

    [365.565417] Call trace:
    [365.565423] __switch_to+0x148/0x200
    [365.565452] __schedule+0x340/0x9c8
    [365.565467] schedule+0x48/0x110
    [365.565479] schedule_timeout+0x3b0/0x448
    [365.565496] wait_for_completion+0xac/0x138
    [365.565509] __flush_work+0x218/0x4e0
    [365.565523] flush_work+0x1c/0x28
    [365.565536] wait_for_device_probe+0x68/0x158
    [365.565550] device_shutdown+0x24/0x348
    [365.565561] kernel_restart_prepare+0x40/0x50
    [365.565578] kernel_restart+0x20/0x70
    [365.565591] __do_sys_reboot+0x10c/0x220
    [365.565605] __arm64_sys_reboot+0x2c/0x38
    [365.565619] invoke_syscall+0x4c/0x110
    [365.565634] el0_svc_common.constprop.3+0xfc/0x120
    [365.565648] do_el0_svc+0x2c/0x90
    [365.565661] el0_svc+0x4c/0xf0
    [365.565671] el0t_64_sync_handler+0x90/0xb8
    [365.565682] el0t_64_sync+0x180/0x184

Solution(s)
ubuntu-upgrade-linux-intel-iotg-5-15

References
https://attackerkb.com/topics/cve-2022-48826
CVE - 2022-48826
https://git.kernel.org/linus/0a3d12ab5097b1d045e693412e6b366b7e82031b
https://git.kernel.org/stable/c/0a3d12ab5097b1d045e693412e6b366b7e82031b
https://git.kernel.org/stable/c/770d1ba9a8201ce9bee0946eb03746449b6f3b80
https://git.kernel.org/stable/c/dddd832f35096fbc5004e3a7e58fb4d2cefb8deb
https://www.cve.org/CVERecord?id=CVE-2022-48826
-
Ubuntu: (CVE-2022-48840): linux-hwe-5.15 vulnerability
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

iavf: Fix hang during reboot/shutdown

Recent commit 974578017fc1 ("iavf: Add waiting so the port is initialized in remove") adds a wait-loop at the beginning of iavf_remove() to ensure that port initialization is finished prior unregistering net device. This causes a regression in reboot/shutdown scenario because in this case callback iavf_shutdown() is called and this callback detaches the device, makes it down if it is running and sets its state to __IAVF_REMOVE. Later shutdown callback of associated PF driver (e.g. ice_shutdown) is called. That callback calls among other things sriov_disable() that calls indirectly iavf_remove() (see stack trace below). As the adapter state is already __IAVF_REMOVE then the mentioned loop is end-less and shutdown process hangs.

The patch fixes this by checking adapter's state at the beginning of iavf_remove() and skips the rest of the function if the adapter is already in remove state (shutdown is in progress).

Reproducer:
1. Create VF on PF driven by ice or i40e driver
2. Ensure that the VF is bound to iavf driver
3. Reboot

    [52625.981294] sysrq: SysRq : Show Blocked State
    [52625.988377] task:rebootstate:D stack:0 pid:17359 ppid: 1 f2
    [52625.996732] Call Trace:
    [52625.999187] __schedule+0x2d1/0x830
    [52626.007400] schedule+0x35/0xa0
    [52626.010545] schedule_hrtimeout_range_clock+0x83/0x100
    [52626.020046] usleep_range+0x5b/0x80
    [52626.023540] iavf_remove+0x63/0x5b0 [iavf]
    [52626.027645] pci_device_remove+0x3b/0xc0
    [52626.031572] device_release_driver_internal+0x103/0x1f0
    [52626.036805] pci_stop_bus_device+0x72/0xa0
    [52626.040904] pci_stop_and_remove_bus_device+0xe/0x20
    [52626.045870] pci_iov_remove_virtfn+0xba/0x120
    [52626.050232] sriov_disable+0x2f/0xe0
    [52626.053813] ice_free_vfs+0x7c/0x340 [ice]
    [52626.057946] ice_remove+0x220/0x240 [ice]
    [52626.061967] ice_shutdown+0x16/0x50 [ice]
    [52626.065987] pci_device_shutdown+0x34/0x60
    [52626.070086] device_shutdown+0x165/0x1c5
    [52626.074011] kernel_restart+0xe/0x30
    [52626.077593] __do_sys_reboot+0x1d2/0x210
    [52626.093815] do_syscall_64+0x5b/0x1a0
    [52626.097483] entry_SYSCALL_64_after_hwframe+0x65/0xca

Solution(s)
ubuntu-upgrade-linux-azure-5-15 ubuntu-upgrade-linux-hwe-5-15 ubuntu-upgrade-linux-intel-iotg ubuntu-upgrade-linux-lowlatency-hwe-5-15 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-realtime

References
https://attackerkb.com/topics/cve-2022-48840
CVE - 2022-48840
https://git.kernel.org/linus/b04683ff8f0823b869c219c78ba0d974bddea0b5
https://git.kernel.org/stable/c/4477b9a4193b35eb3a8afd2adf2d42add2f88d57
https://git.kernel.org/stable/c/80974bb730270199c6fcb189af04d5945b87e813
https://git.kernel.org/stable/c/b04683ff8f0823b869c219c78ba0d974bddea0b5
https://www.cve.org/CVERecord?id=CVE-2022-48840
-
Ubuntu: (CVE-2022-48856): linux vulnerability
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

gianfar: ethtool: Fix refcount leak in gfar_get_ts_info

The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done
Add the missing of_node_put() to release the refcount.

Solution(s)
ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-iot ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4 ubuntu-upgrade-linux-realtime

References
https://attackerkb.com/topics/cve-2022-48856
CVE - 2022-48856
https://git.kernel.org/linus/2ac5b58e645c66932438bb021cb5b52097ce70b0
https://git.kernel.org/stable/c/0e1b9a2078e07fb1e6e91bf8badfd89ecab1e848
https://git.kernel.org/stable/c/21044e679ed535345042d2023f7df0ca8e897e2a
https://git.kernel.org/stable/c/2ac5b58e645c66932438bb021cb5b52097ce70b0
https://git.kernel.org/stable/c/6263f2eb93a85ad7df504daf0c341a7fb6bbe8a6
https://git.kernel.org/stable/c/f49f646f9ec296fc0afe7ae92c2bb47f23e3846c
https://git.kernel.org/stable/c/f7b3b520349193f8a82cca74daf366199e06add9
https://www.cve.org/CVERecord?id=CVE-2022-48856
-
Amazon Linux AMI 2: CVE-2024-21147: Security patch for java-1.8.0-amazon-corretto, java-1.8.0-openjdk, java-11-amazon-corretto, java-11-openjdk, java-17-amazon-corretto (Multiple Advisories)
Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:N)
Published 07/16/2024 Created 07/23/2024 Added 07/23/2024 Modified 01/28/2025
Description
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
Solution(s) amazon-linux-ami-2-upgrade-java-1-8-0-amazon-corretto amazon-linux-ami-2-upgrade-java-1-8-0-amazon-corretto-devel amazon-linux-ami-2-upgrade-java-1-8-0-openjdk amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debuginfo amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src-debug amazon-linux-ami-2-upgrade-java-11-amazon-corretto amazon-linux-ami-2-upgrade-java-11-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-11-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-11-openjdk amazon-linux-ami-2-upgrade-java-11-openjdk-debug amazon-linux-ami-2-upgrade-java-11-openjdk-debuginfo amazon-linux-ami-2-upgrade-java-11-openjdk-demo amazon-linux-ami-2-upgrade-java-11-openjdk-demo-debug amazon-linux-ami-2-upgrade-java-11-openjdk-devel amazon-linux-ami-2-upgrade-java-11-openjdk-devel-debug amazon-linux-ami-2-upgrade-java-11-openjdk-headless amazon-linux-ami-2-upgrade-java-11-openjdk-headless-debug amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-debug amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-zip amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-zip-debug amazon-linux-ami-2-upgrade-java-11-openjdk-jmods 
amazon-linux-ami-2-upgrade-java-11-openjdk-jmods-debug amazon-linux-ami-2-upgrade-java-11-openjdk-src amazon-linux-ami-2-upgrade-java-11-openjdk-src-debug amazon-linux-ami-2-upgrade-java-11-openjdk-static-libs amazon-linux-ami-2-upgrade-java-11-openjdk-static-libs-debug amazon-linux-ami-2-upgrade-java-17-amazon-corretto amazon-linux-ami-2-upgrade-java-17-amazon-corretto-devel amazon-linux-ami-2-upgrade-java-17-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-17-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-17-amazon-corretto-jmods
References https://attackerkb.com/topics/cve-2024-21147 AL2/ALAS-2024-2599 AL2/ALAS-2024-2600 AL2/ALAS-2024-2720 AL2/ALASCORRETTO8-2024-013 AL2/ALASJAVA-OPENJDK11-2024-010 CVE - 2024-21147
-
Amazon Linux AMI 2: CVE-2024-21144: Security patch for java-1.8.0-amazon-corretto, java-1.8.0-openjdk, java-11-amazon-corretto, java-11-openjdk (Multiple Advisories)
Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published 07/16/2024 Created 07/23/2024 Added 07/23/2024 Modified 01/28/2025
Description
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Solution(s) amazon-linux-ami-2-upgrade-java-1-8-0-amazon-corretto amazon-linux-ami-2-upgrade-java-1-8-0-amazon-corretto-devel amazon-linux-ami-2-upgrade-java-1-8-0-openjdk amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-accessibility-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-debuginfo amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-demo-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-devel-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-headless-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-javadoc-zip-debug amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src amazon-linux-ami-2-upgrade-java-1-8-0-openjdk-src-debug amazon-linux-ami-2-upgrade-java-11-amazon-corretto amazon-linux-ami-2-upgrade-java-11-amazon-corretto-headless amazon-linux-ami-2-upgrade-java-11-amazon-corretto-javadoc amazon-linux-ami-2-upgrade-java-11-openjdk amazon-linux-ami-2-upgrade-java-11-openjdk-debug amazon-linux-ami-2-upgrade-java-11-openjdk-debuginfo amazon-linux-ami-2-upgrade-java-11-openjdk-demo amazon-linux-ami-2-upgrade-java-11-openjdk-demo-debug amazon-linux-ami-2-upgrade-java-11-openjdk-devel amazon-linux-ami-2-upgrade-java-11-openjdk-devel-debug amazon-linux-ami-2-upgrade-java-11-openjdk-headless amazon-linux-ami-2-upgrade-java-11-openjdk-headless-debug amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-debug amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-zip amazon-linux-ami-2-upgrade-java-11-openjdk-javadoc-zip-debug amazon-linux-ami-2-upgrade-java-11-openjdk-jmods 
amazon-linux-ami-2-upgrade-java-11-openjdk-jmods-debug amazon-linux-ami-2-upgrade-java-11-openjdk-src amazon-linux-ami-2-upgrade-java-11-openjdk-src-debug amazon-linux-ami-2-upgrade-java-11-openjdk-static-libs amazon-linux-ami-2-upgrade-java-11-openjdk-static-libs-debug
References https://attackerkb.com/topics/cve-2024-21144 AL2/ALAS-2024-2599 AL2/ALAS-2024-2720 AL2/ALASCORRETTO8-2024-013 AL2/ALASJAVA-OPENJDK11-2024-010 CVE - 2024-21144
-
Amazon Linux AMI 2: CVE-2022-48839: Security patch for kernel (Multiple Advisories)
Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published 07/16/2024 Created 12/13/2024 Added 12/12/2024 Modified 01/30/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
net/packet: fix slab-out-of-bounds access in packet_recvmsg()
syzbot found that when an AF_PACKET socket is using PACKET_COPY_THRESH and mmap operations, tpacket_rcv() is queueing skbs with garbage in skb->cb[], triggering a too big copy [1]
Presumably, users of af_packet using mmap() already gets correct metadata from the mapped buffer, we can simply make sure to clear 12 bytes that might be copied to user space later.
BUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline]
BUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489
Write of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631
CPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_address_description.constprop.0.cold+0xf/0x336 mm/kasan/report.c:255
__kasan_report mm/kasan/report.c:442 [inline]
kasan_report.cold+0x83/0xdf mm/kasan/report.c:459
check_region_inline mm/kasan/generic.c:183 [inline]
kasan_check_range+0x13d/0x180 mm/kasan/generic.c:189
memcpy+0x39/0x60 mm/kasan/shadow.c:66
memcpy include/linux/fortify-string.h:225 [inline]
packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489
sock_recvmsg_nosec net/socket.c:948 [inline]
sock_recvmsg net/socket.c:966 [inline]
sock_recvmsg net/socket.c:962 [inline]
____sys_recvmsg+0x2c4/0x600 net/socket.c:2632
___sys_recvmsg+0x127/0x200 net/socket.c:2674
__sys_recvmsg+0xe2/0x1a0 net/socket.c:2704
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae
</TASK>
addr ffffc9000385fb78 is located in stack of task syz-executor233/3631 at offset 32 in frame:
____sys_recvmsg+0x0/0x600 include/linux/uio.h:246
this frame has 1 object:
[32, 160) 'addr'
Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-4-14-273-207-502 amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-109-104-500 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo
References https://attackerkb.com/topics/cve-2022-48839 AL2/ALAS-2022-1768 AL2/ALASKERNEL-5.10-2022-013 AL2/ALASKERNEL-5.4-2022-025 CVE - 2022-48839
-
Ubuntu: (Multiple Advisories) (CVE-2024-21145): OpenJDK 8 vulnerabilities
Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published 07/16/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025
Description
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
Solution(s) ubuntu-upgrade-openjdk-11-jdk ubuntu-upgrade-openjdk-11-jdk-headless ubuntu-upgrade-openjdk-11-jre ubuntu-upgrade-openjdk-11-jre-headless ubuntu-upgrade-openjdk-11-jre-zero ubuntu-upgrade-openjdk-17-jdk ubuntu-upgrade-openjdk-17-jdk-headless ubuntu-upgrade-openjdk-17-jre ubuntu-upgrade-openjdk-17-jre-headless ubuntu-upgrade-openjdk-17-jre-zero ubuntu-upgrade-openjdk-21-jdk ubuntu-upgrade-openjdk-21-jdk-headless ubuntu-upgrade-openjdk-21-jre ubuntu-upgrade-openjdk-21-jre-headless ubuntu-upgrade-openjdk-21-jre-zero ubuntu-upgrade-openjdk-8-jdk ubuntu-upgrade-openjdk-8-jdk-headless ubuntu-upgrade-openjdk-8-jre ubuntu-upgrade-openjdk-8-jre-headless ubuntu-upgrade-openjdk-8-jre-jamvm ubuntu-upgrade-openjdk-8-jre-zero
References https://attackerkb.com/topics/cve-2024-21145 CVE - 2024-21145 USN-6929-1 USN-6930-1 USN-6931-1 USN-6932-1 USN-7096-1 USN-7097-1 USN-7098-1
-
Ubuntu: USN-6934-1 (CVE-2024-21171): MySQL vulnerabilities
Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published 07/16/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Solution(s) ubuntu-upgrade-mysql-server-8-0
References https://attackerkb.com/topics/cve-2024-21171 CVE - 2024-21171 USN-6934-1
-
Ubuntu: (CVE-2024-21135): mysql-8.0 vulnerability
Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Solution(s) ubuntu-upgrade-mysql-8-0
References https://attackerkb.com/topics/cve-2024-21135 CVE - 2024-21135 https://www.cve.org/CVERecord?id=CVE-2024-21135 https://www.oracle.com/security-alerts/cpujul2024.html
-
Microsoft Edge Chromium: CVE-2024-6777 Use after free in Navigation
Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published 07/16/2024 Created 07/20/2024 Added 07/19/2024 Modified 01/28/2025
Description
Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
Solution(s) microsoft-edge-upgrade-latest
References https://attackerkb.com/topics/cve-2024-6777 CVE - 2024-6777 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6777
-
Microsoft Edge Chromium: CVE-2024-6775 Use after free in Media Stream
Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published 07/16/2024 Created 07/20/2024 Added 07/19/2024 Modified 01/28/2025
Description
Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Solution(s) microsoft-edge-upgrade-latest
References https://attackerkb.com/topics/cve-2024-6775 CVE - 2024-6775 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6775
-
VMware Photon OS: CVE-2024-21163
Severity 7 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:C)
Published 07/16/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Solution(s) vmware-photon_os_update_tdnf
References https://attackerkb.com/topics/cve-2024-21163 CVE - 2024-21163
-
Microsoft Edge Chromium: CVE-2024-6779 Out of bounds memory access in V8
Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published 07/16/2024 Created 07/20/2024 Added 07/19/2024 Modified 01/28/2025
Description
Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Solution(s) microsoft-edge-upgrade-latest
References https://attackerkb.com/topics/cve-2024-6779 CVE - 2024-6779 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6779
-
Microsoft Edge Chromium: CVE-2024-6772 Inappropriate implementation in V8
Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published 07/16/2024 Created 07/20/2024 Added 07/19/2024 Modified 01/28/2025
Description
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Solution(s) microsoft-edge-upgrade-latest
References https://attackerkb.com/topics/cve-2024-6772 CVE - 2024-6772 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6772