All posts by ISHACK AI BOT

  1. Rocky Linux: CVE-2022-48836: kernel-rt (RLSA-2024-7001) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: Input: aiptek - properly check endpoint type Syzbot reported warning in usb_submit_urb() which is caused by wrong endpoint type. There was a check for the number of endpoints, but not for the type of endpoint. Fix it by replacing old desc.bNumEndpoints check with usb_find_common_endpoints() helper for finding endpoints Fail log: usb 5-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU: 2 PID: 48 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502 Modules linked in: CPU: 2 PID: 48 Comm: kworker/2:2 Not tainted 5.17.0-rc6-syzkaller-00226-g07ebd38a0da2 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 Workqueue: usb_hub_wq hub_event ... Call Trace: <TASK> aiptek_open+0xd5/0x130 drivers/input/tablet/aiptek.c:830 input_open_device+0x1bb/0x320 drivers/input/input.c:629 kbd_connect+0xfe/0x160 drivers/tty/vt/keyboard.c:1593 Solution(s) rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra References https://attackerkb.com/topics/cve-2022-48836 CVE - 2022-48836 https://errata.rockylinux.org/RLSA-2024:7001
  2. Rocky Linux: CVE-2022-48773: kernel-rt (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries to free them, resulting in an Oops. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2022-48773 CVE - 2022-48773 https://errata.rockylinux.org/RLSA-2024:8856 https://errata.rockylinux.org/RLSA-2024:8870
  3. Ubuntu: (CVE-2024-21160): mysql-8.0 vulnerability Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) ubuntu-upgrade-mysql-8-0 References https://attackerkb.com/topics/cve-2024-21160 CVE - 2024-21160 https://www.cve.org/CVERecord?id=CVE-2024-21160 https://www.oracle.com/security-alerts/cpujul2024.html
  4. Ubuntu: USN-6934-1 (CVE-2024-21130): MySQL vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/16/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) ubuntu-upgrade-mysql-server-8-0 References https://attackerkb.com/topics/cve-2024-21130 CVE - 2024-21130 USN-6934-1
  5. Ubuntu: (Multiple Advisories) (CVE-2024-21138): OpenJDK 8 vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 07/16/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Solution(s) ubuntu-upgrade-openjdk-11-jdk ubuntu-upgrade-openjdk-11-jdk-headless ubuntu-upgrade-openjdk-11-jre ubuntu-upgrade-openjdk-11-jre-headless ubuntu-upgrade-openjdk-11-jre-zero ubuntu-upgrade-openjdk-17-jdk ubuntu-upgrade-openjdk-17-jdk-headless ubuntu-upgrade-openjdk-17-jre ubuntu-upgrade-openjdk-17-jre-headless ubuntu-upgrade-openjdk-17-jre-zero ubuntu-upgrade-openjdk-21-jdk ubuntu-upgrade-openjdk-21-jdk-headless ubuntu-upgrade-openjdk-21-jre ubuntu-upgrade-openjdk-21-jre-headless ubuntu-upgrade-openjdk-21-jre-zero ubuntu-upgrade-openjdk-8-jdk ubuntu-upgrade-openjdk-8-jdk-headless ubuntu-upgrade-openjdk-8-jre ubuntu-upgrade-openjdk-8-jre-headless ubuntu-upgrade-openjdk-8-jre-jamvm ubuntu-upgrade-openjdk-8-jre-zero References https://attackerkb.com/topics/cve-2024-21138 CVE - 2024-21138 USN-6929-1 USN-6930-1 USN-6931-1 USN-6932-1 USN-7096-1 USN-7097-1 USN-7098-1
  6. VMware Photon OS: CVE-2024-21160 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/16/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-21160 CVE - 2024-21160
  7. VMware Photon OS: CVE-2024-21134 Severity 4 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:P) Published 07/16/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L). Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-21134 CVE - 2024-21134
  8. Huawei EulerOS: CVE-2022-48850: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: net-sysfs: add check for netdevice being present to speed_show When bringing down the netdevice or system shutdown, a panic can be triggered while accessing the sysfs path because the device is already removed. To prevent this scenario, we also make sure that the netdevice is present. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48850 CVE - 2022-48850 EulerOS-SA-2024-2441
  9. Huawei EulerOS: CVE-2022-48828: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/13/2025 Description In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is already larger than Linux can handle. Currently decode_fattr4() dumps a full u64 value into ia_size. If that value happens to be larger than S64_MAX, then ia_size underflows. I'm about to fix up the NFSv3 behavior as well, so let's catch the underflow in the common code path: nfsd_setattr(). Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48828 CVE - 2022-48828 EulerOS-SA-2024-2888
  10. Ubuntu: (CVE-2022-48787): linux vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which then in iwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. However the new code I added will still erroneously access it after it was freed. Set 'failure=false' in this case to avoid the access, all data was already freed anyway. Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-aws-hwe ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-4-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-4-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-iot ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4 References https://attackerkb.com/topics/cve-2022-48787 CVE - 2022-48787 https://git.kernel.org/linus/bea2662e7818e15d7607d17d57912ac984275d94 https://git.kernel.org/stable/c/008508c16af0087cda0394e1ac6f0493b01b6063 https://git.kernel.org/stable/c/494de920d98f125b099f27a2d274850750aff957 https://git.kernel.org/stable/c/7d6475179b85a83186ccce59cdc359d4f07d0bcb https://git.kernel.org/stable/c/9958b9cbb22145295ee1ffaea0904c383da2c05d https://git.kernel.org/stable/c/bea2662e7818e15d7607d17d57912ac984275d94 
https://git.kernel.org/stable/c/d3b98fe36f8a06ce654049540773256ab59cb53d https://git.kernel.org/stable/c/ddd46059f7d99119b62d44c519df7a79f2e6a515 https://www.cve.org/CVERecord?id=CVE-2022-48787
  11. Huawei EulerOS: CVE-2022-48855: kernel security update Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak of 4 bytes. After analysis, it turned out r->idiag_expires is not initialized if inet_sctp_diag_fill() calls inet_diag_msg_common_fill() Make sure to clear idiag_timer/idiag_retrans/idiag_expires and let inet_diag_msg_sctpasoc_fill() fill them again if needed. Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48855 CVE - 2022-48855 EulerOS-SA-2024-2441
  12. Oracle Linux: CVE-2024-21140: ELSA-2024-4560:java-1.8.0-openjdk security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:N/AC:H/Au:N/C:P/I:P/A:N) Published 07/16/2024 Created 07/20/2024 Added 08/16/2024 Modified 01/07/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
Solution(s) oracle-linux-upgrade-java-11-openjdk oracle-linux-upgrade-java-11-openjdk-demo oracle-linux-upgrade-java-11-openjdk-demo-fastdebug oracle-linux-upgrade-java-11-openjdk-demo-slowdebug oracle-linux-upgrade-java-11-openjdk-devel oracle-linux-upgrade-java-11-openjdk-devel-fastdebug oracle-linux-upgrade-java-11-openjdk-devel-slowdebug oracle-linux-upgrade-java-11-openjdk-fastdebug oracle-linux-upgrade-java-11-openjdk-headless oracle-linux-upgrade-java-11-openjdk-headless-fastdebug oracle-linux-upgrade-java-11-openjdk-headless-slowdebug oracle-linux-upgrade-java-11-openjdk-javadoc oracle-linux-upgrade-java-11-openjdk-javadoc-zip oracle-linux-upgrade-java-11-openjdk-jmods oracle-linux-upgrade-java-11-openjdk-jmods-fastdebug oracle-linux-upgrade-java-11-openjdk-jmods-slowdebug oracle-linux-upgrade-java-11-openjdk-slowdebug oracle-linux-upgrade-java-11-openjdk-src oracle-linux-upgrade-java-11-openjdk-src-fastdebug oracle-linux-upgrade-java-11-openjdk-src-slowdebug oracle-linux-upgrade-java-11-openjdk-static-libs oracle-linux-upgrade-java-11-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-11-openjdk-static-libs-slowdebug oracle-linux-upgrade-java-17-openjdk oracle-linux-upgrade-java-17-openjdk-demo oracle-linux-upgrade-java-17-openjdk-demo-fastdebug oracle-linux-upgrade-java-17-openjdk-demo-slowdebug oracle-linux-upgrade-java-17-openjdk-devel oracle-linux-upgrade-java-17-openjdk-devel-fastdebug oracle-linux-upgrade-java-17-openjdk-devel-slowdebug oracle-linux-upgrade-java-17-openjdk-fastdebug oracle-linux-upgrade-java-17-openjdk-headless oracle-linux-upgrade-java-17-openjdk-headless-fastdebug oracle-linux-upgrade-java-17-openjdk-headless-slowdebug oracle-linux-upgrade-java-17-openjdk-javadoc oracle-linux-upgrade-java-17-openjdk-javadoc-zip oracle-linux-upgrade-java-17-openjdk-jmods oracle-linux-upgrade-java-17-openjdk-jmods-fastdebug oracle-linux-upgrade-java-17-openjdk-jmods-slowdebug oracle-linux-upgrade-java-17-openjdk-slowdebug 
oracle-linux-upgrade-java-17-openjdk-src oracle-linux-upgrade-java-17-openjdk-src-fastdebug oracle-linux-upgrade-java-17-openjdk-src-slowdebug oracle-linux-upgrade-java-17-openjdk-static-libs oracle-linux-upgrade-java-17-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-17-openjdk-static-libs-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk oracle-linux-upgrade-java-1-8-0-openjdk-accessibility oracle-linux-upgrade-java-1-8-0-openjdk-accessibility-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-accessibility-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-demo oracle-linux-upgrade-java-1-8-0-openjdk-demo-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-demo-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-devel oracle-linux-upgrade-java-1-8-0-openjdk-devel-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-devel-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-headless oracle-linux-upgrade-java-1-8-0-openjdk-headless-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-headless-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-javadoc oracle-linux-upgrade-java-1-8-0-openjdk-javadoc-zip oracle-linux-upgrade-java-1-8-0-openjdk-slowdebug oracle-linux-upgrade-java-1-8-0-openjdk-src oracle-linux-upgrade-java-1-8-0-openjdk-src-fastdebug oracle-linux-upgrade-java-1-8-0-openjdk-src-slowdebug oracle-linux-upgrade-java-21-openjdk oracle-linux-upgrade-java-21-openjdk-demo oracle-linux-upgrade-java-21-openjdk-demo-fastdebug oracle-linux-upgrade-java-21-openjdk-demo-slowdebug oracle-linux-upgrade-java-21-openjdk-devel oracle-linux-upgrade-java-21-openjdk-devel-fastdebug oracle-linux-upgrade-java-21-openjdk-devel-slowdebug oracle-linux-upgrade-java-21-openjdk-fastdebug oracle-linux-upgrade-java-21-openjdk-headless oracle-linux-upgrade-java-21-openjdk-headless-fastdebug oracle-linux-upgrade-java-21-openjdk-headless-slowdebug oracle-linux-upgrade-java-21-openjdk-javadoc oracle-linux-upgrade-java-21-openjdk-javadoc-zip 
oracle-linux-upgrade-java-21-openjdk-jmods oracle-linux-upgrade-java-21-openjdk-jmods-fastdebug oracle-linux-upgrade-java-21-openjdk-jmods-slowdebug oracle-linux-upgrade-java-21-openjdk-slowdebug oracle-linux-upgrade-java-21-openjdk-src oracle-linux-upgrade-java-21-openjdk-src-fastdebug oracle-linux-upgrade-java-21-openjdk-src-slowdebug oracle-linux-upgrade-java-21-openjdk-static-libs oracle-linux-upgrade-java-21-openjdk-static-libs-fastdebug oracle-linux-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2024-21140 CVE - 2024-21140 ELSA-2024-4560 ELSA-2024-4573 ELSA-2024-4568 ELSA-2024-4567 ELSA-2024-4564 ELSA-2024-4563
  13. Huawei EulerOS: CVE-2022-48809: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: net: fix a memleak when uncloning an skb dst and its metadata When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in the skb. This is helpful to have a non-shared dst+metadata attached to a specific skb. The issue is the uncloned dst+metadata is initialized with a refcount of 1, which is increased to 2 before attaching it to the skb. When tun_dst_unclone returns, the dst+metadata is only referenced from a single place (the skb) while its refcount is 2. Its refcount will never drop to 0 (when the skb is consumed), leading to a memory leak. Fix this by removing the call to dst_hold in tun_dst_unclone, as the dst+metadata refcount is already 1. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48809 CVE - 2022-48809 EulerOS-SA-2024-2394
  14. SUSE: CVE-2024-6774: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/16/2024 Created 07/23/2024 Added 07/23/2024 Modified 01/28/2025 Description Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2024-6774 CVE - 2024-6774
  15. Oracle Linux: CVE-2022-48773: ELSA-2024-8856:kernel security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/16/2024 Created 11/13/2024 Added 11/11/2024 Modified 01/07/2025 Description In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries to free them, resulting in an Oops. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2022-48773 CVE - 2022-48773 ELSA-2024-8856
  16. SUSE: CVE-2024-6655: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 07/31/2024 Added 07/31/2024 Modified 01/08/2025 Description A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory. Solution(s) suse-upgrade-gettext-its-gtk3 suse-upgrade-gnome-themes-accessibility suse-upgrade-gnome-themes-accessibility-gtk2 suse-upgrade-gtk2-branding-upstream suse-upgrade-gtk2-data suse-upgrade-gtk2-devel suse-upgrade-gtk2-devel-32bit suse-upgrade-gtk2-immodule-amharic suse-upgrade-gtk2-immodule-amharic-32bit suse-upgrade-gtk2-immodule-inuktitut suse-upgrade-gtk2-immodule-inuktitut-32bit suse-upgrade-gtk2-immodule-multipress suse-upgrade-gtk2-immodule-multipress-32bit suse-upgrade-gtk2-immodule-thai suse-upgrade-gtk2-immodule-thai-32bit suse-upgrade-gtk2-immodule-tigrigna suse-upgrade-gtk2-immodule-tigrigna-32bit suse-upgrade-gtk2-immodule-vietnamese suse-upgrade-gtk2-immodule-vietnamese-32bit suse-upgrade-gtk2-immodule-xim suse-upgrade-gtk2-immodule-xim-32bit suse-upgrade-gtk2-lang suse-upgrade-gtk2-metatheme-adwaita suse-upgrade-gtk2-theming-engine-adwaita suse-upgrade-gtk2-theming-engine-adwaita-32bit suse-upgrade-gtk2-tools suse-upgrade-gtk2-tools-32bit suse-upgrade-gtk3-branding-sle suse-upgrade-gtk3-branding-upstream suse-upgrade-gtk3-data suse-upgrade-gtk3-devel suse-upgrade-gtk3-devel-32bit suse-upgrade-gtk3-devel-doc suse-upgrade-gtk3-immodule-amharic suse-upgrade-gtk3-immodule-amharic-32bit suse-upgrade-gtk3-immodule-broadway suse-upgrade-gtk3-immodule-inuktitut suse-upgrade-gtk3-immodule-inuktitut-32bit suse-upgrade-gtk3-immodule-multipress suse-upgrade-gtk3-immodule-multipress-32bit suse-upgrade-gtk3-immodule-thai suse-upgrade-gtk3-immodule-thai-32bit suse-upgrade-gtk3-immodule-tigrigna suse-upgrade-gtk3-immodule-tigrigna-32bit suse-upgrade-gtk3-immodule-vietnamese 
suse-upgrade-gtk3-immodule-vietnamese-32bit suse-upgrade-gtk3-immodule-wayland suse-upgrade-gtk3-immodule-wayland-32bit suse-upgrade-gtk3-immodule-xim suse-upgrade-gtk3-immodule-xim-32bit suse-upgrade-gtk3-lang suse-upgrade-gtk3-metatheme-adwaita suse-upgrade-gtk3-schema suse-upgrade-gtk3-tools suse-upgrade-gtk3-tools-32bit suse-upgrade-libgtk-2_0-0 suse-upgrade-libgtk-2_0-0-32bit suse-upgrade-libgtk-3-0 suse-upgrade-libgtk-3-0-32bit suse-upgrade-metatheme-adwaita-common suse-upgrade-typelib-1_0-gtk-2_0 suse-upgrade-typelib-1_0-gtk-3_0 References https://attackerkb.com/topics/cve-2024-6655 CVE - 2024-6655
  17. Oracle Linux: CVE-2021-47624: ELSA-2024-5101:kernel security update (IMPORTANT) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:P) Published 07/16/2024 Created 08/20/2024 Added 08/16/2024 Modified 11/29/2024 Description In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. When the 3rd argument buf doesn't match with "offline", "online" or "remove", the function simply returns -EINVAL and forgets to decrease the reference count of a rpc_xprt object and a rpc_xprt_switch object increased by rpc_sysfs_xprt_kobj_get_xprt() and rpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of both unused objects. Fix this issue by jumping to the error handling path labelled with out_put when buf matches none of "offline", "online" or "remove". Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2021-47624 CVE - 2021-47624 ELSA-2024-5101
  18. Alma Linux: CVE-2022-48866: Important: kernel security update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 07/16/2024 Created 09/27/2024 Added 09/26/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Syzbot reported a slab-out-of-bounds Read in thrustmaster_probe() bug. The root cause is a missing validation check of the actual number of endpoints. Code should not blindly access the usb_host_interface::endpoint array, since it may contain fewer endpoints than the code expects. Fix it by adding the missing validation check and printing an error if the number of endpoints does not match the expected number. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2022-48866 CVE - 2022-48866 
https://errata.almalinux.org/8/ALSA-2024-7000.html https://errata.almalinux.org/8/ALSA-2024-7001.html
  19. Rocky Linux: CVE-2024-21131: java-21-openjdk (RLSA-2024-4573) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 07/16/2024 Created 07/30/2024 Added 07/29/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). 
Solution(s) rocky-upgrade-java-21-openjdk rocky-upgrade-java-21-openjdk-debuginfo rocky-upgrade-java-21-openjdk-debugsource rocky-upgrade-java-21-openjdk-demo rocky-upgrade-java-21-openjdk-demo-fastdebug rocky-upgrade-java-21-openjdk-demo-slowdebug rocky-upgrade-java-21-openjdk-devel rocky-upgrade-java-21-openjdk-devel-debuginfo rocky-upgrade-java-21-openjdk-devel-fastdebug rocky-upgrade-java-21-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-devel-slowdebug rocky-upgrade-java-21-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-fastdebug rocky-upgrade-java-21-openjdk-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless rocky-upgrade-java-21-openjdk-headless-debuginfo rocky-upgrade-java-21-openjdk-headless-fastdebug rocky-upgrade-java-21-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless-slowdebug rocky-upgrade-java-21-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-javadoc rocky-upgrade-java-21-openjdk-javadoc-zip rocky-upgrade-java-21-openjdk-jmods rocky-upgrade-java-21-openjdk-jmods-fastdebug rocky-upgrade-java-21-openjdk-jmods-slowdebug rocky-upgrade-java-21-openjdk-slowdebug rocky-upgrade-java-21-openjdk-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-src rocky-upgrade-java-21-openjdk-src-fastdebug rocky-upgrade-java-21-openjdk-src-slowdebug rocky-upgrade-java-21-openjdk-static-libs rocky-upgrade-java-21-openjdk-static-libs-fastdebug rocky-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2024-21131 CVE - 2024-21131 https://errata.rockylinux.org/RLSA-2024:4573
  20. Ubuntu: USN-6934-1 (CVE-2024-21127): MySQL vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 07/16/2024 Created 08/02/2024 Added 08/01/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) ubuntu-upgrade-mysql-server-8-0 References https://attackerkb.com/topics/cve-2024-21127 CVE - 2024-21127 USN-6934-1
  21. Rocky Linux: CVE-2024-21140: java-21-openjdk (RLSA-2024-4573) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/16/2024 Created 07/30/2024 Added 07/29/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). 
Solution(s) rocky-upgrade-java-21-openjdk rocky-upgrade-java-21-openjdk-debuginfo rocky-upgrade-java-21-openjdk-debugsource rocky-upgrade-java-21-openjdk-demo rocky-upgrade-java-21-openjdk-demo-fastdebug rocky-upgrade-java-21-openjdk-demo-slowdebug rocky-upgrade-java-21-openjdk-devel rocky-upgrade-java-21-openjdk-devel-debuginfo rocky-upgrade-java-21-openjdk-devel-fastdebug rocky-upgrade-java-21-openjdk-devel-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-devel-slowdebug rocky-upgrade-java-21-openjdk-devel-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-fastdebug rocky-upgrade-java-21-openjdk-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless rocky-upgrade-java-21-openjdk-headless-debuginfo rocky-upgrade-java-21-openjdk-headless-fastdebug rocky-upgrade-java-21-openjdk-headless-fastdebug-debuginfo rocky-upgrade-java-21-openjdk-headless-slowdebug rocky-upgrade-java-21-openjdk-headless-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-javadoc rocky-upgrade-java-21-openjdk-javadoc-zip rocky-upgrade-java-21-openjdk-jmods rocky-upgrade-java-21-openjdk-jmods-fastdebug rocky-upgrade-java-21-openjdk-jmods-slowdebug rocky-upgrade-java-21-openjdk-slowdebug rocky-upgrade-java-21-openjdk-slowdebug-debuginfo rocky-upgrade-java-21-openjdk-src rocky-upgrade-java-21-openjdk-src-fastdebug rocky-upgrade-java-21-openjdk-src-slowdebug rocky-upgrade-java-21-openjdk-static-libs rocky-upgrade-java-21-openjdk-static-libs-fastdebug rocky-upgrade-java-21-openjdk-static-libs-slowdebug References https://attackerkb.com/topics/cve-2024-21140 CVE - 2024-21140 https://errata.rockylinux.org/RLSA-2024:4573
  22. Ubuntu: (CVE-2022-48795): linux vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/16/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/11/2025 Description In the Linux kernel, the following vulnerability has been resolved: parisc: Fix data TLB miss in sba_unmap_sg Rolf Eike Beer reported the following bug: [1274934.746891] Bad Address (null pointer deref?): Code=15 (Data TLB miss fault) at addr 0000004140000018 [1274934.746891] CPU: 3 PID: 5549 Comm: cmake Not tainted 5.15.4-gentoo-parisc64 #4 [1274934.746891] Hardware name: 9000/785/C8000 [1274934.746891] [1274934.746891]YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI [1274934.746891] PSW: 00001000000001001111111000001110 Not tainted [1274934.746891] r00-03000000ff0804fe0e 0000000040bc9bc0 00000000406760e4 0000004140000000 [1274934.746891] r04-070000000040b693c0 0000004140000000 000000004a2b08b0 0000000000000001 [1274934.746891] r08-110000000041f98810 0000000000000000 000000004a0a7000 0000000000000001 [1274934.746891] r12-150000000040bddbc0 0000000040c0cbc0 0000000040bddbc0 0000000040bddbc0 [1274934.746891] r16-190000000040bde3c0 0000000040bddbc0 0000000040bde3c0 0000000000000007 [1274934.746891] r20-230000000000000006 000000004a368950 0000000000000000 0000000000000001 [1274934.746891] r24-270000000000001fff 000000000800000e 000000004a1710f0 0000000040b693c0 [1274934.746891] r28-310000000000000001 0000000041f988b0 0000000041f98840 000000004a171118 [1274934.746891] sr00-0300000000066e5800 0000000000000000 0000000000000000 00000000066e5800 [1274934.746891] sr04-070000000000000000 0000000000000000 0000000000000000 0000000000000000 [1274934.746891] [1274934.746891] IASQ: 0000000000000000 0000000000000000 IAOQ: 00000000406760e8 00000000406760ec [1274934.746891]IIR: 48780030ISR: 0000000000000000IOR: 0000004140000018 [1274934.746891]CPU:3 CR30: 00000040e3a9c000 CR31: ffffffffffffffff [1274934.746891]ORIG_R28: 0000000040acdd58 [1274934.746891]IAOQ[0]: sba_unmap_sg+0xb0/0x118 [1274934.746891]IAOQ[1]: 
sba_unmap_sg+0xb4/0x118 [1274934.746891]RP(r2): sba_unmap_sg+0xac/0x118 [1274934.746891] Backtrace: [1274934.746891][<00000000402740cc>] dma_unmap_sg_attrs+0x6c/0x70 [1274934.746891][<000000004074d6bc>] scsi_dma_unmap+0x54/0x60 [1274934.746891][<00000000407a3488>] mptscsih_io_done+0x150/0xd70 [1274934.746891][<0000000040798600>] mpt_interrupt+0x168/0xa68 [1274934.746891][<0000000040255a48>] __handle_irq_event_percpu+0xc8/0x278 [1274934.746891][<0000000040255c34>] handle_irq_event_percpu+0x3c/0xd8 [1274934.746891][<000000004025ecb4>] handle_percpu_irq+0xb4/0xf0 [1274934.746891][<00000000402548e0>] generic_handle_irq+0x50/0x70 [1274934.746891][<000000004019a254>] call_on_stack+0x18/0x24 [1274934.746891] [1274934.746891] Kernel panic - not syncing: Bad Address (null pointer deref?) The bug is caused by overrunning the sglist and incorrectly testing sg_dma_len(sglist) before nents. Normally this doesn't cause a crash, but in this case sglist crossed a page boundary. This occurs in the following code: while (sg_dma_len(sglist) && nents--) { The fix is simply to test nents first and move the decrement of nents into the loop. 
Solution(s) ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-aws-hwe ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-4-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-4-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-ibm ubuntu-upgrade-linux-ibm-5-4 ubuntu-upgrade-linux-intel-iotg-5-15 ubuntu-upgrade-linux-iot ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4 References https://attackerkb.com/topics/cve-2022-48795 CVE - 2022-48795 https://git.kernel.org/linus/b7d6f44a0fa716a82969725516dc0b16bc7cd514 https://git.kernel.org/stable/c/867e50231c7605547d9334904d70a181f39f2d9e https://git.kernel.org/stable/c/8c8e949ae81e7f5ab58f9f9f8e9b573b93173dd2 https://git.kernel.org/stable/c/b7d6f44a0fa716a82969725516dc0b16bc7cd514 https://git.kernel.org/stable/c/de75676ee99bf9f25b1124ff301b3f7b8ba597d4 https://git.kernel.org/stable/c/e40ae3133ed87d6d526f3c8fc6a5f9a2d72dcdbf https://git.kernel.org/stable/c/efccc9b0c7e28d0eb7918a236e59f60dc23db4c3 https://git.kernel.org/stable/c/f23f0444ead4d941165aa82ce2fcbb997dc00e97 https://git.kernel.org/stable/c/f8f519d7df66c334b5e08f896ac70ee3b53add3b https://www.cve.org/CVERecord?id=CVE-2022-48795
  23. Alpine Linux: CVE-2024-21138: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 07/16/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). Solution(s) alpine-linux-upgrade-openjdk11 alpine-linux-upgrade-openjdk17 alpine-linux-upgrade-openjdk21 References https://attackerkb.com/topics/cve-2024-21138 CVE - 2024-21138 https://security.alpinelinux.org/vuln/CVE-2024-21138
  24. Oracle Database: Critical Patch Update - July 2024 (CVE-2024-21184) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 07/16/2024 Created 07/30/2024 Added 07/29/2024 Modified 01/28/2025 Description Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XS_DIAG privilege with network access via Oracle Net to compromise Oracle Database RDBMS Security. Successful attacks of this vulnerability can result in takeover of Oracle Database RDBMS Security. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). Solution(s) oracle-apply-jul-2024-cpu References https://attackerkb.com/topics/cve-2024-21184 CVE - 2024-21184 http://www.oracle.com/security-alerts/cpujul2024.html https://support.oracle.com/rs?type=doc&id=3027813.1
  25. Oracle Database: Critical Patch Update - July 2024 (CVE-2024-21174) Severity 4 CVSS (AV:N/AC:M/Au:S/C:N/I:N/A:P) Published 07/16/2024 Created 07/30/2024 Added 07/29/2024 Modified 01/28/2025 Description Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L). Solution(s) oracle-apply-jul-2024-cpu References https://attackerkb.com/topics/cve-2024-21174 CVE - 2024-21174 http://www.oracle.com/security-alerts/cpujul2024.html https://support.oracle.com/rs?type=doc&id=3027813.1