ISHACK AI BOT

FreeBSD: VID-AC025402-4CBC-4177-BD99-C20C03A07F23 (CVE-2024-6772): electron{29,30} -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/16/2024 Created 08/20/2024 Added 08/18/2024 Modified 01/28/2025 Description Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-electron29 freebsd-upgrade-package-electron30 References CVE-2024-6772

Alpine Linux: CVE-2024-21131: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/16/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) alpine-linux-upgrade-openjdk11 alpine-linux-upgrade-openjdk17 alpine-linux-upgrade-openjdk21 References https://attackerkb.com/topics/cve-2024-21131 CVE - 2024-21131 https://security.alpinelinux.org/vuln/CVE-2024-21131

Huawei EulerOS: CVE-2024-6655: gtk3 security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 10/10/2024 Added 10/09/2024 Modified 10/09/2024 Description A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory. Solution(s) huawei-euleros-2_0_sp11-upgrade-gtk3 huawei-euleros-2_0_sp11-upgrade-gtk3-devel huawei-euleros-2_0_sp11-upgrade-gtk3-help References https://attackerkb.com/topics/cve-2024-6655 CVE - 2024-6655 EulerOS-SA-2024-2582

Red Hat: CVE-2024-21131: OpenJDK: potential UTF8 size overflow (8314794) (Multiple Advisories) Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:P/A:N) Published 07/16/2024 Created 07/19/2024 Added 07/18/2024 Modified 09/03/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) redhat-upgrade-java-1-8-0-openjdk redhat-upgrade-java-1-8-0-openjdk-accessibility redhat-upgrade-java-1-8-0-openjdk-accessibility-fastdebug redhat-upgrade-java-1-8-0-openjdk-accessibility-slowdebug redhat-upgrade-java-1-8-0-openjdk-debuginfo redhat-upgrade-java-1-8-0-openjdk-debugsource redhat-upgrade-java-1-8-0-openjdk-demo redhat-upgrade-java-1-8-0-openjdk-demo-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel redhat-upgrade-java-1-8-0-openjdk-devel-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-fastdebug redhat-upgrade-java-1-8-0-openjdk-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless redhat-upgrade-java-1-8-0-openjdk-headless-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-javadoc redhat-upgrade-java-1-8-0-openjdk-javadoc-zip redhat-upgrade-java-1-8-0-openjdk-slowdebug redhat-upgrade-java-1-8-0-openjdk-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-src redhat-upgrade-java-1-8-0-openjdk-src-fastdebug redhat-upgrade-java-1-8-0-openjdk-src-slowdebug redhat-upgrade-java-11-openjdk redhat-upgrade-java-11-openjdk-debuginfo redhat-upgrade-java-11-openjdk-debugsource redhat-upgrade-java-11-openjdk-demo redhat-upgrade-java-11-openjdk-demo-fastdebug redhat-upgrade-java-11-openjdk-demo-slowdebug redhat-upgrade-java-11-openjdk-devel redhat-upgrade-java-11-openjdk-devel-debuginfo redhat-upgrade-java-11-openjdk-devel-fastdebug redhat-upgrade-java-11-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-devel-slowdebug redhat-upgrade-java-11-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-fastdebug redhat-upgrade-java-11-openjdk-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-headless redhat-upgrade-java-11-openjdk-headless-debuginfo redhat-upgrade-java-11-openjdk-headless-fastdebug redhat-upgrade-java-11-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-headless-slowdebug redhat-upgrade-java-11-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-javadoc redhat-upgrade-java-11-openjdk-javadoc-zip redhat-upgrade-java-11-openjdk-jmods redhat-upgrade-java-11-openjdk-jmods-fastdebug redhat-upgrade-java-11-openjdk-jmods-slowdebug redhat-upgrade-java-11-openjdk-slowdebug redhat-upgrade-java-11-openjdk-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-src redhat-upgrade-java-11-openjdk-src-fastdebug redhat-upgrade-java-11-openjdk-src-slowdebug redhat-upgrade-java-11-openjdk-static-libs redhat-upgrade-java-11-openjdk-static-libs-fastdebug redhat-upgrade-java-11-openjdk-static-libs-slowdebug redhat-upgrade-java-17-openjdk redhat-upgrade-java-17-openjdk-debuginfo redhat-upgrade-java-17-openjdk-debugsource redhat-upgrade-java-17-openjdk-demo redhat-upgrade-java-17-openjdk-demo-fastdebug redhat-upgrade-java-17-openjdk-demo-slowdebug redhat-upgrade-java-17-openjdk-devel redhat-upgrade-java-17-openjdk-devel-debuginfo redhat-upgrade-java-17-openjdk-devel-fastdebug redhat-upgrade-java-17-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-devel-slowdebug redhat-upgrade-java-17-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-fastdebug redhat-upgrade-java-17-openjdk-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-headless redhat-upgrade-java-17-openjdk-headless-debuginfo redhat-upgrade-java-17-openjdk-headless-fastdebug redhat-upgrade-java-17-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-headless-slowdebug redhat-upgrade-java-17-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-javadoc redhat-upgrade-java-17-openjdk-javadoc-zip redhat-upgrade-java-17-openjdk-jmods redhat-upgrade-java-17-openjdk-jmods-fastdebug redhat-upgrade-java-17-openjdk-jmods-slowdebug redhat-upgrade-java-17-openjdk-slowdebug redhat-upgrade-java-17-openjdk-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-src redhat-upgrade-java-17-openjdk-src-fastdebug redhat-upgrade-java-17-openjdk-src-slowdebug redhat-upgrade-java-17-openjdk-static-libs redhat-upgrade-java-17-openjdk-static-libs-fastdebug redhat-upgrade-java-17-openjdk-static-libs-slowdebug redhat-upgrade-java-21-openjdk redhat-upgrade-java-21-openjdk-debuginfo redhat-upgrade-java-21-openjdk-debugsource redhat-upgrade-java-21-openjdk-demo redhat-upgrade-java-21-openjdk-demo-fastdebug redhat-upgrade-java-21-openjdk-demo-slowdebug redhat-upgrade-java-21-openjdk-devel redhat-upgrade-java-21-openjdk-devel-debuginfo redhat-upgrade-java-21-openjdk-devel-fastdebug redhat-upgrade-java-21-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-devel-slowdebug redhat-upgrade-java-21-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-fastdebug redhat-upgrade-java-21-openjdk-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-headless redhat-upgrade-java-21-openjdk-headless-debuginfo redhat-upgrade-java-21-openjdk-headless-fastdebug redhat-upgrade-java-21-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-headless-slowdebug redhat-upgrade-java-21-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-javadoc redhat-upgrade-java-21-openjdk-javadoc-zip redhat-upgrade-java-21-openjdk-jmods redhat-upgrade-java-21-openjdk-jmods-fastdebug redhat-upgrade-java-21-openjdk-jmods-slowdebug redhat-upgrade-java-21-openjdk-slowdebug redhat-upgrade-java-21-openjdk-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-src redhat-upgrade-java-21-openjdk-src-fastdebug redhat-upgrade-java-21-openjdk-src-slowdebug redhat-upgrade-java-21-openjdk-static-libs redhat-upgrade-java-21-openjdk-static-libs-fastdebug redhat-upgrade-java-21-openjdk-static-libs-slowdebug References CVE-2024-21131 RHSA-2024:4563 RHSA-2024:4567 RHSA-2024:4568 RHSA-2024:4573

Huawei EulerOS: CVE-2022-48810: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 10/10/2024 Added 10/09/2024 Modified 10/09/2024 Description In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path ip[6]mr_free_table() can only be called under RTNL lock. RTNL: assertion failed at net/core/dev.c (10367) WARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367 unregister_netdevice_many+0x1246/0x1850 net/core/dev.c:10367 Modules linked in: CPU: 1 PID: 5890 Comm: syz-executor.2 Not tainted 5.16.0-syzkaller-11627-g422ee58dc0ef #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:unregister_netdevice_many+0x1246/0x1850 net/core/dev.c:10367 Code: 0f 85 9b ee ff ff e8 69 07 4b fa ba 7f 28 00 00 48 c7 c6 00 90 ae 8a 48 c7 c7 40 90 ae 8a c6 05 6d b1 51 06 01 e8 8c 90 d8 01 <0f> 0b e9 70 ee ff ff e8 3e 07 4b fa 4c 89 e7 e8 86 2a 59 fa e9 ee RSP: 0018:ffffc900046ff6e0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: ffff888050f51d00 RSI: ffffffff815fa008 RDI: fffff520008dfece RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffff815f3d6e R11: 0000000000000000 R12: 00000000fffffff4 R13: dffffc0000000000 R14: ffffc900046ff750 R15: ffff88807b7dc000 FS:00007f4ab736e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fee0b4f8990 CR3: 000000001e7d2000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> mroute_clean_tables+0x244/0xb40 net/ipv6/ip6mr.c:1509 ip6mr_free_table net/ipv6/ip6mr.c:389 [inline] ip6mr_rules_init net/ipv6/ip6mr.c:246 [inline] ip6mr_net_init net/ipv6/ip6mr.c:1306 [inline] ip6mr_net_init+0x3f0/0x4e0 net/ipv6/ip6mr.c:1298 ops_init+0xaf/0x470 net/core/net_namespace.c:140 setup_net+0x54f/0xbb0 net/core/net_namespace.c:331 copy_net_ns+0x318/0x760 net/core/net_namespace.c:475 create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110 copy_namespaces+0x391/0x450 kernel/nsproxy.c:178 copy_process+0x2e0c/0x7300 kernel/fork.c:2167 kernel_clone+0xe7/0xab0 kernel/fork.c:2555 __do_sys_clone+0xc8/0x110 kernel/fork.c:2672 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f4ab89f9059 Code: Unable to access opcode bytes at RIP 0x7f4ab89f902f. RSP: 002b:00007f4ab736e118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f4ab8b0bf60 RCX: 00007f4ab89f9059 RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000040200000 RBP: 00007f4ab8a5308d R08: 0000000020000300 R09: 0000000020000300 R10: 00000000200002c0 R11: 0000000000000206 R12: 0000000000000000 R13: 00007ffc3977cc1f R14: 00007f4ab736e300 R15: 0000000000022000 </TASK> Solution(s) huawei-euleros-2_0_sp12-upgrade-bpftool huawei-euleros-2_0_sp12-upgrade-kernel huawei-euleros-2_0_sp12-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp12-upgrade-kernel-tools huawei-euleros-2_0_sp12-upgrade-kernel-tools-libs huawei-euleros-2_0_sp12-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48810 CVE - 2022-48810 EulerOS-SA-2024-2544

Red Hat: CVE-2024-21138: OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (Multiple Advisories) Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:P) Published 07/16/2024 Created 07/19/2024 Added 07/18/2024 Modified 09/03/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). Solution(s) redhat-upgrade-java-1-8-0-openjdk redhat-upgrade-java-1-8-0-openjdk-accessibility redhat-upgrade-java-1-8-0-openjdk-accessibility-fastdebug redhat-upgrade-java-1-8-0-openjdk-accessibility-slowdebug redhat-upgrade-java-1-8-0-openjdk-debuginfo redhat-upgrade-java-1-8-0-openjdk-debugsource redhat-upgrade-java-1-8-0-openjdk-demo redhat-upgrade-java-1-8-0-openjdk-demo-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel redhat-upgrade-java-1-8-0-openjdk-devel-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-fastdebug redhat-upgrade-java-1-8-0-openjdk-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless redhat-upgrade-java-1-8-0-openjdk-headless-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-javadoc redhat-upgrade-java-1-8-0-openjdk-javadoc-zip redhat-upgrade-java-1-8-0-openjdk-slowdebug redhat-upgrade-java-1-8-0-openjdk-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-src redhat-upgrade-java-1-8-0-openjdk-src-fastdebug redhat-upgrade-java-1-8-0-openjdk-src-slowdebug redhat-upgrade-java-11-openjdk redhat-upgrade-java-11-openjdk-debuginfo redhat-upgrade-java-11-openjdk-debugsource redhat-upgrade-java-11-openjdk-demo redhat-upgrade-java-11-openjdk-demo-fastdebug redhat-upgrade-java-11-openjdk-demo-slowdebug redhat-upgrade-java-11-openjdk-devel redhat-upgrade-java-11-openjdk-devel-debuginfo redhat-upgrade-java-11-openjdk-devel-fastdebug redhat-upgrade-java-11-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-devel-slowdebug redhat-upgrade-java-11-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-fastdebug redhat-upgrade-java-11-openjdk-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-headless redhat-upgrade-java-11-openjdk-headless-debuginfo redhat-upgrade-java-11-openjdk-headless-fastdebug redhat-upgrade-java-11-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-11-openjdk-headless-slowdebug redhat-upgrade-java-11-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-javadoc redhat-upgrade-java-11-openjdk-javadoc-zip redhat-upgrade-java-11-openjdk-jmods redhat-upgrade-java-11-openjdk-jmods-fastdebug redhat-upgrade-java-11-openjdk-jmods-slowdebug redhat-upgrade-java-11-openjdk-slowdebug redhat-upgrade-java-11-openjdk-slowdebug-debuginfo redhat-upgrade-java-11-openjdk-src redhat-upgrade-java-11-openjdk-src-fastdebug redhat-upgrade-java-11-openjdk-src-slowdebug redhat-upgrade-java-11-openjdk-static-libs redhat-upgrade-java-11-openjdk-static-libs-fastdebug redhat-upgrade-java-11-openjdk-static-libs-slowdebug redhat-upgrade-java-17-openjdk redhat-upgrade-java-17-openjdk-debuginfo redhat-upgrade-java-17-openjdk-debugsource redhat-upgrade-java-17-openjdk-demo redhat-upgrade-java-17-openjdk-demo-fastdebug redhat-upgrade-java-17-openjdk-demo-slowdebug redhat-upgrade-java-17-openjdk-devel redhat-upgrade-java-17-openjdk-devel-debuginfo redhat-upgrade-java-17-openjdk-devel-fastdebug redhat-upgrade-java-17-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-devel-slowdebug redhat-upgrade-java-17-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-fastdebug redhat-upgrade-java-17-openjdk-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-headless redhat-upgrade-java-17-openjdk-headless-debuginfo redhat-upgrade-java-17-openjdk-headless-fastdebug redhat-upgrade-java-17-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-17-openjdk-headless-slowdebug redhat-upgrade-java-17-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-javadoc redhat-upgrade-java-17-openjdk-javadoc-zip redhat-upgrade-java-17-openjdk-jmods redhat-upgrade-java-17-openjdk-jmods-fastdebug redhat-upgrade-java-17-openjdk-jmods-slowdebug redhat-upgrade-java-17-openjdk-slowdebug redhat-upgrade-java-17-openjdk-slowdebug-debuginfo redhat-upgrade-java-17-openjdk-src redhat-upgrade-java-17-openjdk-src-fastdebug redhat-upgrade-java-17-openjdk-src-slowdebug redhat-upgrade-java-17-openjdk-static-libs redhat-upgrade-java-17-openjdk-static-libs-fastdebug redhat-upgrade-java-17-openjdk-static-libs-slowdebug redhat-upgrade-java-21-openjdk redhat-upgrade-java-21-openjdk-debuginfo redhat-upgrade-java-21-openjdk-debugsource redhat-upgrade-java-21-openjdk-demo redhat-upgrade-java-21-openjdk-demo-fastdebug redhat-upgrade-java-21-openjdk-demo-slowdebug redhat-upgrade-java-21-openjdk-devel redhat-upgrade-java-21-openjdk-devel-debuginfo redhat-upgrade-java-21-openjdk-devel-fastdebug redhat-upgrade-java-21-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-devel-slowdebug redhat-upgrade-java-21-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-fastdebug redhat-upgrade-java-21-openjdk-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-headless redhat-upgrade-java-21-openjdk-headless-debuginfo redhat-upgrade-java-21-openjdk-headless-fastdebug redhat-upgrade-java-21-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-21-openjdk-headless-slowdebug redhat-upgrade-java-21-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-javadoc redhat-upgrade-java-21-openjdk-javadoc-zip redhat-upgrade-java-21-openjdk-jmods redhat-upgrade-java-21-openjdk-jmods-fastdebug redhat-upgrade-java-21-openjdk-jmods-slowdebug redhat-upgrade-java-21-openjdk-slowdebug redhat-upgrade-java-21-openjdk-slowdebug-debuginfo redhat-upgrade-java-21-openjdk-src redhat-upgrade-java-21-openjdk-src-fastdebug redhat-upgrade-java-21-openjdk-src-slowdebug redhat-upgrade-java-21-openjdk-static-libs redhat-upgrade-java-21-openjdk-static-libs-fastdebug redhat-upgrade-java-21-openjdk-static-libs-slowdebug References CVE-2024-21138 RHSA-2024:4563 RHSA-2024:4567 RHSA-2024:4568 RHSA-2024:4573

Huawei EulerOS: CVE-2024-39908: ruby security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 01/16/2025 Added 01/15/2025 Modified 01/15/2025 Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. Solution(s) huawei-euleros-2_0_sp9-upgrade-ruby huawei-euleros-2_0_sp9-upgrade-ruby-help huawei-euleros-2_0_sp9-upgrade-ruby-irb References https://attackerkb.com/topics/cve-2024-39908 CVE - 2024-39908 EulerOS-SA-2025-1063

Red Hat: CVE-2024-39908: rexml: DoS vulnerability in REXML (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/16/2024 Created 09/20/2024 Added 09/20/2024 Modified 09/20/2024 Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. Solution(s) redhat-upgrade-ruby redhat-upgrade-ruby-bundled-gems redhat-upgrade-ruby-bundled-gems-debuginfo redhat-upgrade-ruby-debuginfo redhat-upgrade-ruby-debugsource redhat-upgrade-ruby-default-gems redhat-upgrade-ruby-devel redhat-upgrade-ruby-doc redhat-upgrade-ruby-libs redhat-upgrade-ruby-libs-debuginfo redhat-upgrade-rubygem-abrt redhat-upgrade-rubygem-abrt-doc redhat-upgrade-rubygem-bigdecimal redhat-upgrade-rubygem-bigdecimal-debuginfo redhat-upgrade-rubygem-bundler redhat-upgrade-rubygem-io-console redhat-upgrade-rubygem-io-console-debuginfo redhat-upgrade-rubygem-irb redhat-upgrade-rubygem-json redhat-upgrade-rubygem-json-debuginfo redhat-upgrade-rubygem-minitest redhat-upgrade-rubygem-mysql2 redhat-upgrade-rubygem-mysql2-debuginfo redhat-upgrade-rubygem-mysql2-debugsource redhat-upgrade-rubygem-mysql2-doc redhat-upgrade-rubygem-pg redhat-upgrade-rubygem-pg-debuginfo redhat-upgrade-rubygem-pg-debugsource redhat-upgrade-rubygem-pg-doc redhat-upgrade-rubygem-power_assert redhat-upgrade-rubygem-psych redhat-upgrade-rubygem-psych-debuginfo redhat-upgrade-rubygem-racc redhat-upgrade-rubygem-racc-debuginfo redhat-upgrade-rubygem-rake redhat-upgrade-rubygem-rbs redhat-upgrade-rubygem-rbs-debuginfo redhat-upgrade-rubygem-rdoc redhat-upgrade-rubygem-rexml redhat-upgrade-rubygem-rss redhat-upgrade-rubygem-test-unit redhat-upgrade-rubygem-typeprof redhat-upgrade-rubygems redhat-upgrade-rubygems-devel References CVE-2024-39908 RHSA-2024:6784 RHSA-2024:6785

Red Hat: CVE-2024-41008: kernel: drm/amdgpu: change vm-&gt;task_info handling (Multiple Advisories) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 07/16/2024 Created 09/26/2024 Added 09/25/2024 Modified 02/10/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: change vm->task_info handling This patch changes the handling and lifecycle of vm->task_info object. The major changes are: - vm->task_info is a dynamically allocated ptr now, and its uasge is reference counted. - introducing two new helper funcs for task_info lifecycle management - amdgpu_vm_get_task_info: reference counts up task_info before returning this info - amdgpu_vm_put_task_info: reference counts down task_info - last put to task_info() frees task_info from the vm. This patch also does logistical changes required for existing usage of vm->task_info. V2: Do not block all the prints when task_info not found (Felix) V3: Fixed review comments from Felix - Fix wrong indentation - No debug message for -ENOMEM - Add NULL check for task_info - Do not duplicate the debug messages (ti vs no ti) - Get first reference of task_info in vm_init(), put last in vm_fini() V4: Fixed review comments from Felix - fix double reference increment in create_task_info - change amdgpu_vm_get_task_info_pasid - additional changes in amdgpu_gem.c while porting Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2024-41008 RHSA-2024:10771 RHSA-2024:7000 RHSA-2024:7001 RHSA-2024:9315

Huawei EulerOS: CVE-2022-48788: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race .submit_async_event and the error recovery handler itself changing the ctrl state. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48788 CVE - 2022-48788 EulerOS-SA-2024-2815

Huawei EulerOS: CVE-2022-48828: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 11/11/2024 Description In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is already larger than Linux can handle. Currently decode_fattr4() dumps a full u64 value into ia_size. If that value happens to be larger than S64_MAX, then ia_size underflows. I'm about to fix up the NFSv3 behavior as well, so let's catch the underflow in the common code path: nfsd_setattr(). Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48828 CVE - 2022-48828 EulerOS-SA-2024-2815

Ubuntu: USN-6934-1 (CVE-2024-21163): MySQL vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:C) Published 07/16/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.37 and prior and8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well asunauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Solution(s) ubuntu-upgrade-mysql-server-8-0 References https://attackerkb.com/topics/cve-2024-21163 CVE - 2024-21163 USN-6934-1

Huawei EulerOS: CVE-2022-48789: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race .submit_async_event and the error recovery handler itself changing the ctrl state. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48789 CVE - 2022-48789 EulerOS-SA-2024-2394

Huawei EulerOS: CVE-2022-48810: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/08/2024 Description In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path ip[6]mr_free_table() can only be called under RTNL lock. RTNL: assertion failed at net/core/dev.c (10367) WARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367 unregister_netdevice_many+0x1246/0x1850 net/core/dev.c:10367 Modules linked in: CPU: 1 PID: 5890 Comm: syz-executor.2 Not tainted 5.16.0-syzkaller-11627-g422ee58dc0ef #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:unregister_netdevice_many+0x1246/0x1850 net/core/dev.c:10367 Code: 0f 85 9b ee ff ff e8 69 07 4b fa ba 7f 28 00 00 48 c7 c6 00 90 ae 8a 48 c7 c7 40 90 ae 8a c6 05 6d b1 51 06 01 e8 8c 90 d8 01 <0f> 0b e9 70 ee ff ff e8 3e 07 4b fa 4c 89 e7 e8 86 2a 59 fa e9 ee RSP: 0018:ffffc900046ff6e0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: ffff888050f51d00 RSI: ffffffff815fa008 RDI: fffff520008dfece RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffff815f3d6e R11: 0000000000000000 R12: 00000000fffffff4 R13: dffffc0000000000 R14: ffffc900046ff750 R15: ffff88807b7dc000 FS:00007f4ab736e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fee0b4f8990 CR3: 000000001e7d2000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> mroute_clean_tables+0x244/0xb40 net/ipv6/ip6mr.c:1509 ip6mr_free_table net/ipv6/ip6mr.c:389 [inline] ip6mr_rules_init net/ipv6/ip6mr.c:246 [inline] ip6mr_net_init net/ipv6/ip6mr.c:1306 [inline] ip6mr_net_init+0x3f0/0x4e0 net/ipv6/ip6mr.c:1298 ops_init+0xaf/0x470 net/core/net_namespace.c:140 setup_net+0x54f/0xbb0 net/core/net_namespace.c:331 copy_net_ns+0x318/0x760 net/core/net_namespace.c:475 create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110 copy_namespaces+0x391/0x450 kernel/nsproxy.c:178 copy_process+0x2e0c/0x7300 kernel/fork.c:2167 kernel_clone+0xe7/0xab0 kernel/fork.c:2555 __do_sys_clone+0xc8/0x110 kernel/fork.c:2672 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f4ab89f9059 Code: Unable to access opcode bytes at RIP 0x7f4ab89f902f. RSP: 002b:00007f4ab736e118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f4ab8b0bf60 RCX: 00007f4ab89f9059 RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000040200000 RBP: 00007f4ab8a5308d R08: 0000000020000300 R09: 0000000020000300 R10: 00000000200002c0 R11: 0000000000000206 R12: 0000000000000000 R13: 00007ffc3977cc1f R14: 00007f4ab736e300 R15: 0000000000022000 </TASK> Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48810 CVE - 2022-48810 EulerOS-SA-2024-2394

Huawei EulerOS: CVE-2022-48799: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/08/2024 Description In the Linux kernel, the following vulnerability has been resolved: perf: Fix list corruption in perf_cgroup_switch() There's list corruption on cgrp_cpuctx_list. This happens on the following path: perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list) cpu_ctx_sched_in ctx_sched_in ctx_pinned_sched_in merge_sched_in perf_cgroup_event_disable: remove the event from the list Use list_for_each_entry_safe() to allow removing an entry during iteration. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48799 CVE - 2022-48799 EulerOS-SA-2024-2369

Huawei EulerOS: CVE-2022-48855: kernel security update Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak [1] of 4 bytes. After analysis, it turned out r->idiag_expires is not initialized if inet_sctp_diag_fill() calls inet_diag_msg_common_fill() Make sure to clear idiag_timer/idiag_retrans/idiag_expires and let inet_diag_msg_sctpasoc_fill() fill them again if needed. [1] BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline] BUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 instrument_copy_to_user include/linux/instrumented.h:121 [inline] copyout lib/iov_iter.c:154 [inline] _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 copy_to_iter include/linux/uio.h:162 [inline] simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519 __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533 skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline] netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977 sock_recvmsg_nosec net/socket.c:948 [inline] sock_recvmsg net/socket.c:966 [inline] __sys_recvfrom+0x795/0xa10 net/socket.c:2097 __do_sys_recvfrom net/socket.c:2115 [inline] __se_sys_recvfrom net/socket.c:2111 [inline] __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Uninit was created at: slab_post_alloc_hook mm/slab.h:737 [inline] slab_alloc_node mm/slub.c:3247 [inline] __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975 kmalloc_reserve net/core/skbuff.c:354 [inline] __alloc_skb+0x545/0xf90 net/core/skbuff.c:426 alloc_skb include/linux/skbuff.h:1158 [inline] netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248 __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373 netlink_dump_start include/linux/netlink.h:254 [inline] inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341 sock_diag_rcv_msg+0x24a/0x620 netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494 sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277 netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline] netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343 netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:705 [inline] sock_sendmsg net/socket.c:725 [inline] sock_write_iter+0x594/0x690 net/socket.c:1061 do_iter_readv_writev+0xa7f/0xc70 do_iter_write+0x52c/0x1500 fs/read_write.c:851 vfs_writev fs/read_write.c:924 [inline] do_writev+0x645/0xe00 fs/read_write.c:967 __do_sys_writev fs/read_write.c:1040 [inline] __se_sys_writev fs/read_write.c:1037 [inline] __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Bytes 68-71 of 2508 are uninitialized Memory access of size 2508 starts at ffff888114f9b000 Data copied to user address 00007f7fe09ff2e0 CPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48855 CVE - 2022-48855 EulerOS-SA-2024-2394

Huawei EulerOS: CVE-2022-48843: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connector It is attached only if VRR is supported. So if the driver tries to call drm core set prop function without it being attached that causes NULL dereference. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48843 CVE - 2022-48843 EulerOS-SA-2024-2394

Alma Linux: CVE-2024-39908: Moderate: ruby:3.3 security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 09/24/2024 Added 09/23/2024 Modified 09/23/2024 Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. Solution(s) alma-upgrade-ruby alma-upgrade-ruby-bundled-gems alma-upgrade-ruby-default-gems alma-upgrade-ruby-devel alma-upgrade-ruby-doc alma-upgrade-ruby-libs alma-upgrade-rubygem-abrt alma-upgrade-rubygem-abrt-doc alma-upgrade-rubygem-bigdecimal alma-upgrade-rubygem-bundler alma-upgrade-rubygem-io-console alma-upgrade-rubygem-irb alma-upgrade-rubygem-json alma-upgrade-rubygem-minitest alma-upgrade-rubygem-mysql2 alma-upgrade-rubygem-mysql2-doc alma-upgrade-rubygem-pg alma-upgrade-rubygem-pg-doc alma-upgrade-rubygem-power_assert alma-upgrade-rubygem-psych alma-upgrade-rubygem-racc alma-upgrade-rubygem-rake alma-upgrade-rubygem-rbs alma-upgrade-rubygem-rdoc alma-upgrade-rubygem-rexml alma-upgrade-rubygem-rss alma-upgrade-rubygem-test-unit alma-upgrade-rubygem-typeprof alma-upgrade-rubygems alma-upgrade-rubygems-devel References https://attackerkb.com/topics/cve-2024-39908 CVE - 2024-39908 https://errata.almalinux.org/8/ALSA-2024-6784.html https://errata.almalinux.org/9/ALSA-2024-6785.html

Huawei EulerOS: CVE-2022-48836: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: Input: aiptek - properly check endpoint type Syzbot reported warning in usb_submit_urb() which is caused by wrong endpoint type. There was a check for the number of endpoints, but not for the type of endpoint. Fix it by replacing old desc.bNumEndpoints check with usb_find_common_endpoints() helper for finding endpoints Fail log: usb 5-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU: 2 PID: 48 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502 Modules linked in: CPU: 2 PID: 48 Comm: kworker/2:2 Not tainted 5.17.0-rc6-syzkaller-00226-g07ebd38a0da2 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 Workqueue: usb_hub_wq hub_event ... Call Trace: <TASK> aiptek_open+0xd5/0x130 drivers/input/tablet/aiptek.c:830 input_open_device+0x1bb/0x320 drivers/input/input.c:629 kbd_connect+0xfe/0x160 drivers/tty/vt/keyboard.c:1593 Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48836 CVE - 2022-48836 EulerOS-SA-2024-2394

Huawei EulerOS: CVE-2022-48775: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix memory leak by calling kobject_put(). Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48775 CVE - 2022-48775 EulerOS-SA-2024-2394

Huawei EulerOS: CVE-2022-48863: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix memory leak in dsp_pipeline_build() dsp_pipeline_build() allocates dup pointer by kstrdup(cfg), but then it updates dup variable by strsep(&dup, "|"). As a result when it calls kfree(dup), the dup variable contains NULL. Found by Linux Driver Verification project (linuxtesting.org) with SVACE. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48863 CVE - 2022-48863 EulerOS-SA-2024-2832

SUSE: CVE-2024-6776: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/16/2024 Created 07/23/2024 Added 07/23/2024 Modified 01/28/2025 Description Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-6776 CVE - 2024-6776

IBM AIX: java_nov2024_advisory (CVE-2024-21145): Vulnerability in IBM Java SDK affects AIX Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/16/2024 Created 11/21/2024 Added 11/20/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D).Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well asunauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). Solution(s) ibm-aix-java_nov2024_advisory References https://attackerkb.com/topics/cve-2024-21145 CVE - 2024-21145 https://aix.software.ibm.com/aix/efixes/security/java_nov2024_advisory.asc

Ubuntu: (CVE-2024-21137): mysql-8.0 vulnerability Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.35 and prior and8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) ubuntu-upgrade-mysql-8-0 References https://attackerkb.com/topics/cve-2024-21137 CVE - 2024-21137 https://www.cve.org/CVERecord?id=CVE-2024-21137 https://www.oracle.com/security-alerts/cpujul2024.html

Oracle Database: Critical Patch Update - July 2024 (CVE-2024-21126) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 07/16/2024 Created 07/30/2024 Added 07/29/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server.Supported versions that are affected are 19.3-19.23 and21.3-21.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via DNS to compromise Oracle Database Portable Clusterware.While the vulnerability is in Oracle Database Portable Clusterware, attacks may significantly impact additional products (scope change).Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database Portable Clusterware. CVSS 3.1 Base Score 5.8 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L). Solution(s) oracle-apply-jul-2024-cpu References https://attackerkb.com/topics/cve-2024-21126 CVE - 2024-21126 http://www.oracle.com/security-alerts/cpujul2024.html https://support.oracle.com/rs?type=doc&id=3027813.1