ISHACK AI BOT

Alpine Linux: CVE-2024-37151: Improper Check for Unusual or Exceptional Conditions Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 07/11/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/14/2024 Description Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem. Solution(s) alpine-linux-upgrade-suricata References https://attackerkb.com/topics/cve-2024-37151 CVE - 2024-37151 https://security.alpinelinux.org/vuln/CVE-2024-37151

Alpine Linux: CVE-2024-38534: Allocation of Resources Without Limits or Throttling Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/11/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue. Solution(s) alpine-linux-upgrade-suricata References https://attackerkb.com/topics/cve-2024-38534 CVE - 2024-38534 https://security.alpinelinux.org/vuln/CVE-2024-38534

Alpine Linux: CVE-2024-38875: Vulnerability in Multiple Components Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 10/12/2024 Added 10/10/2024 Modified 10/10/2024 Description An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets. Solution(s) alpine-linux-upgrade-py3-django References https://attackerkb.com/topics/cve-2024-38875 CVE - 2024-38875 https://security.alpinelinux.org/vuln/CVE-2024-38875

Ubuntu: (Multiple Advisories) (CVE-2024-39490): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 09/13/2024 Added 09/12/2024 Modified 09/26/2024 Description In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing sk_buff release in seg6_input_core The seg6_input() function is responsible for adding the SRH into a packet, delegating the operation to the seg6_input_core(). This function uses the skb_cow_head() to ensure that there is sufficient headroom in the sk_buff for accommodating the link-layer header. In the event that the skb_cow_header() function fails, the seg6_input_core() catches the error but it does not release the sk_buff, which will result in a memory leak. This issue was introduced in commit af3b5158b89d ("ipv6: sr: fix BUG due to headroom too small after SRH push") and persists even after commit 7a3f5b0de364 ("netfilter: add netfilter hooks to SRv6 data plane"), where the entire seg6_input() code was refactored to deal with netfilter hooks. The proposed patch addresses the identified memory leak by requiring the seg6_input_core() function to release the sk_buff in the event that skb_cow_head() fails. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1052-gkeop ubuntu-upgrade-linux-image-5-15-0-1062-ibm ubuntu-upgrade-linux-image-5-15-0-1062-raspi ubuntu-upgrade-linux-image-5-15-0-1064-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1064-nvidia ubuntu-upgrade-linux-image-5-15-0-1064-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1066-gke ubuntu-upgrade-linux-image-5-15-0-1066-kvm ubuntu-upgrade-linux-image-5-15-0-1067-oracle ubuntu-upgrade-linux-image-5-15-0-1068-gcp ubuntu-upgrade-linux-image-5-15-0-1069-aws ubuntu-upgrade-linux-image-5-15-0-1072-azure ubuntu-upgrade-linux-image-5-15-0-1072-azure-fde ubuntu-upgrade-linux-image-5-15-0-121-generic ubuntu-upgrade-linux-image-5-15-0-121-generic-64k ubuntu-upgrade-linux-image-5-15-0-121-generic-lpae ubuntu-upgrade-linux-image-5-15-0-121-lowlatency ubuntu-upgrade-linux-image-5-15-0-121-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1010-gke ubuntu-upgrade-linux-image-6-8-0-1011-raspi ubuntu-upgrade-linux-image-6-8-0-1012-ibm ubuntu-upgrade-linux-image-6-8-0-1012-oem ubuntu-upgrade-linux-image-6-8-0-1012-oracle ubuntu-upgrade-linux-image-6-8-0-1012-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1014-azure ubuntu-upgrade-linux-image-6-8-0-1014-azure-fde ubuntu-upgrade-linux-image-6-8-0-1014-gcp ubuntu-upgrade-linux-image-6-8-0-1015-aws ubuntu-upgrade-linux-image-6-8-0-44-generic ubuntu-upgrade-linux-image-6-8-0-44-generic-64k ubuntu-upgrade-linux-image-6-8-0-44-lowlatency ubuntu-upgrade-linux-image-6-8-0-44-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-45-generic ubuntu-upgrade-linux-image-6-8-0-45-generic-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-39490 CVE - 2024-39490 USN-6999-1 USN-6999-2 USN-7004-1 USN-7005-1 USN-7005-2 USN-7007-1 USN-7007-2 USN-7007-3 USN-7008-1 USN-7009-1 USN-7009-2 USN-7019-1 USN-7029-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-39492): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 09/13/2024 Added 09/12/2024 Modified 09/25/2024 Description In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Fix pm_runtime_get_sync() warning in mbox shutdown The return value of pm_runtime_get_sync() in cmdq_mbox_shutdown() will return 1 when pm runtime state is active, and we don't want to get the warning message in this case. So we change the return value < 0 for WARN_ON(). Solution(s) ubuntu-upgrade-linux-image-6-8-0-1010-gke ubuntu-upgrade-linux-image-6-8-0-1011-raspi ubuntu-upgrade-linux-image-6-8-0-1012-ibm ubuntu-upgrade-linux-image-6-8-0-1012-oem ubuntu-upgrade-linux-image-6-8-0-1012-oracle ubuntu-upgrade-linux-image-6-8-0-1012-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1014-azure ubuntu-upgrade-linux-image-6-8-0-1014-azure-fde ubuntu-upgrade-linux-image-6-8-0-1014-gcp ubuntu-upgrade-linux-image-6-8-0-1015-aws ubuntu-upgrade-linux-image-6-8-0-44-generic ubuntu-upgrade-linux-image-6-8-0-44-generic-64k ubuntu-upgrade-linux-image-6-8-0-44-lowlatency ubuntu-upgrade-linux-image-6-8-0-44-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-45-generic ubuntu-upgrade-linux-image-6-8-0-45-generic-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-39492 CVE - 2024-39492 USN-6999-1 USN-6999-2 USN-7004-1 USN-7005-1 USN-7005-2 USN-7008-1 USN-7029-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-39489): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/10/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1052-gkeop ubuntu-upgrade-linux-image-5-15-0-1062-ibm ubuntu-upgrade-linux-image-5-15-0-1062-raspi ubuntu-upgrade-linux-image-5-15-0-1064-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1064-nvidia ubuntu-upgrade-linux-image-5-15-0-1064-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1066-gke ubuntu-upgrade-linux-image-5-15-0-1066-kvm ubuntu-upgrade-linux-image-5-15-0-1067-oracle ubuntu-upgrade-linux-image-5-15-0-1068-gcp ubuntu-upgrade-linux-image-5-15-0-1069-aws ubuntu-upgrade-linux-image-5-15-0-1072-azure ubuntu-upgrade-linux-image-5-15-0-1072-azure-fde ubuntu-upgrade-linux-image-5-15-0-121-generic ubuntu-upgrade-linux-image-5-15-0-121-generic-64k ubuntu-upgrade-linux-image-5-15-0-121-generic-lpae ubuntu-upgrade-linux-image-5-15-0-121-lowlatency ubuntu-upgrade-linux-image-5-15-0-121-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1042-iot ubuntu-upgrade-linux-image-5-4-0-1049-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1077-ibm ubuntu-upgrade-linux-image-5-4-0-1090-bluefield ubuntu-upgrade-linux-image-5-4-0-1097-gkeop ubuntu-upgrade-linux-image-5-4-0-1114-raspi ubuntu-upgrade-linux-image-5-4-0-1118-kvm ubuntu-upgrade-linux-image-5-4-0-1129-oracle ubuntu-upgrade-linux-image-5-4-0-1130-aws ubuntu-upgrade-linux-image-5-4-0-1134-gcp ubuntu-upgrade-linux-image-5-4-0-1135-azure ubuntu-upgrade-linux-image-5-4-0-192-generic ubuntu-upgrade-linux-image-5-4-0-192-generic-lpae ubuntu-upgrade-linux-image-5-4-0-192-lowlatency ubuntu-upgrade-linux-image-6-8-0-1010-gke ubuntu-upgrade-linux-image-6-8-0-1011-raspi ubuntu-upgrade-linux-image-6-8-0-1012-ibm ubuntu-upgrade-linux-image-6-8-0-1012-oem ubuntu-upgrade-linux-image-6-8-0-1012-oracle ubuntu-upgrade-linux-image-6-8-0-1012-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1014-azure ubuntu-upgrade-linux-image-6-8-0-1014-azure-fde ubuntu-upgrade-linux-image-6-8-0-1014-gcp ubuntu-upgrade-linux-image-6-8-0-1015-aws ubuntu-upgrade-linux-image-6-8-0-44-generic ubuntu-upgrade-linux-image-6-8-0-44-generic-64k ubuntu-upgrade-linux-image-6-8-0-44-lowlatency ubuntu-upgrade-linux-image-6-8-0-44-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-45-generic ubuntu-upgrade-linux-image-6-8-0-45-generic-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-39489 CVE - 2024-39489 USN-6951-1 USN-6951-2 USN-6951-3 USN-6951-4 USN-6953-1 USN-6979-1 USN-6999-1 USN-6999-2 USN-7004-1 USN-7005-1 USN-7005-2 USN-7007-1 USN-7007-2 USN-7007-3 USN-7008-1 USN-7009-1 USN-7009-2 USN-7019-1 USN-7029-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-39491): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 09/13/2024 Added 09/12/2024 Modified 09/25/2024 Description In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance The cs_dsp instance is initialized in the driver probe() so it should be freed in the driver remove(). Also fix a missing call to cs_dsp_remove() in the error path of cs35l56_hda_common_probe(). The call to cs_dsp_remove() was being done in the component unbind callback cs35l56_hda_unbind(). This meant that if the driver was unbound and then re-bound it would be using an uninitialized cs_dsp instance. It is best to initialize the cs_dsp instance in probe() so that it can return an error if it fails. The component binding API doesn't have any error handling so there's no way to handle a failure if cs_dsp was initialized in the bind. Solution(s) ubuntu-upgrade-linux-image-6-8-0-1010-gke ubuntu-upgrade-linux-image-6-8-0-1011-raspi ubuntu-upgrade-linux-image-6-8-0-1012-ibm ubuntu-upgrade-linux-image-6-8-0-1012-oem ubuntu-upgrade-linux-image-6-8-0-1012-oracle ubuntu-upgrade-linux-image-6-8-0-1012-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1014-azure ubuntu-upgrade-linux-image-6-8-0-1014-azure-fde ubuntu-upgrade-linux-image-6-8-0-1014-gcp ubuntu-upgrade-linux-image-6-8-0-1015-aws ubuntu-upgrade-linux-image-6-8-0-44-generic ubuntu-upgrade-linux-image-6-8-0-44-generic-64k ubuntu-upgrade-linux-image-6-8-0-44-lowlatency ubuntu-upgrade-linux-image-6-8-0-44-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-45-generic ubuntu-upgrade-linux-image-6-8-0-45-generic-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-39491 CVE - 2024-39491 USN-6999-1 USN-6999-2 USN-7004-1 USN-7005-1 USN-7005-2 USN-7008-1 USN-7029-1 View more

FreeBSD: VID-ACB4EAB6-3F6D-11EF-8657-001B217B3468 (CVE-2024-2880): Gitlab -- vulnerabilities Severity 3 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:N) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 in which a user with `admin_group_member` custom role permission could ban group members. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-2880

SUSE: CVE-2024-22018: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 07/19/2024 Added 07/18/2024 Modified 07/18/2024 Description A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Solution(s) suse-upgrade-corepack20 suse-upgrade-nodejs20 suse-upgrade-nodejs20-devel suse-upgrade-nodejs20-docs suse-upgrade-npm20 References https://attackerkb.com/topics/cve-2024-22018 CVE - 2024-22018

SUSE: CVE-2024-39329: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 07/19/2024 Added 07/18/2024 Modified 07/23/2024 Description An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password. Solution(s) suse-upgrade-python3-django suse-upgrade-python311-django References https://attackerkb.com/topics/cve-2024-39329 CVE - 2024-39329

SUSE: CVE-2024-39330: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 07/19/2024 Added 07/18/2024 Modified 07/23/2024 Description An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.) Solution(s) suse-upgrade-python3-django suse-upgrade-python311-django References https://attackerkb.com/topics/cve-2024-39330 CVE - 2024-39330

SUSE: CVE-2024-39490: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 08/08/2024 Added 08/08/2024 Modified 08/28/2024 Description In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing sk_buff release in seg6_input_core The seg6_input() function is responsible for adding the SRH into a packet, delegating the operation to the seg6_input_core(). This function uses the skb_cow_head() to ensure that there is sufficient headroom in the sk_buff for accommodating the link-layer header. In the event that the skb_cow_header() function fails, the seg6_input_core() catches the error but it does not release the sk_buff, which will result in a memory leak. This issue was introduced in commit af3b5158b89d ("ipv6: sr: fix BUG due to headroom too small after SRH push") and persists even after commit 7a3f5b0de364 ("netfilter: add netfilter hooks to SRv6 data plane"), where the entire seg6_input() code was refactored to deal with netfilter hooks. The proposed patch addresses the identified memory leak by requiring the seg6_input_core() function to release the sk_buff in the event that skb_cow_head() fails. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2024-39490 CVE - 2024-39490

Oracle Linux: CVE-2024-39489: ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:C) Published 07/10/2024 Created 08/20/2024 Added 08/16/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it&apos;s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly. Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2024-39489 CVE - 2024-39489 ELSA-2024-12581 ELSA-2024-12584 ELSA-2024-12585 ELSA-2024-12611

Oracle Linux: CVE-2024-39488: ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/10/2024 Created 08/20/2024 Added 08/16/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY When CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes to bug_table entries, and as a result the last entry in a bug table will be ignored, potentially leading to an unexpected panic(). All prior entries in the table will be handled correctly. The arm64 ABI requires that struct fields of up to 8 bytes are naturally-aligned, with padding added within a struct such that struct are suitably aligned within arrays. When CONFIG_DEBUG_BUGVERPOSE=y, the layout of a bug_entry is: struct bug_entry { signed intbug_addr_disp;// 4 bytes signed intfile_disp;// 4 bytes unsigned shortline;// 2 bytes unsigned shortflags;// 2 bytes } ... with 12 bytes total, requiring 4-byte alignment. When CONFIG_DEBUG_BUGVERBOSE=n, the layout of a bug_entry is: struct bug_entry { signed intbug_addr_disp;// 4 bytes unsigned shortflags;// 2 bytes &lt; implicit padding &gt;// 2 bytes } ... with 8 bytes total, with 6 bytes of data and 2 bytes of trailing padding, requiring 4-byte alginment. When we create a bug_entry in assembly, we align the start of the entry to 4 bytes, which implicitly handles padding for any prior entries. However, we do not align the end of the entry, and so when CONFIG_DEBUG_BUGVERBOSE=n, the final entry lacks the trailing padding bytes. For the main kernel image this is not a problem as find_bug() doesn&apos;t depend on the trailing padding bytes when searching for entries: for (bug = __start___bug_table; bug &lt; __stop___bug_table; ++bug) if (bugaddr == bug_addr(bug)) return bug; However for modules, module_bug_finalize() depends on the trailing bytes when calculating the number of entries: mod-&gt;num_bugs = sechdrs[i].sh_size / sizeof(struct bug_entry); ... and as the last bug_entry lacks the necessary padding bytes, this entry will not be counted, e.g. in the case of a single entry: sechdrs[i].sh_size == 6 sizeof(struct bug_entry) == 8; sechdrs[i].sh_size / sizeof(struct bug_entry) == 0; Consequently module_find_bug() will miss the last bug_entry when it does: for (i = 0; i &lt; mod-&gt;num_bugs; ++i, ++bug) if (bugaddr == bug_addr(bug)) goto out; ... which can lead to a kenrel panic due to an unhandled bug. This can be demonstrated with the following module: static int __init buginit(void) { WARN(1, &quot;hello\n&quot;); return 0; } static void __exit bugexit(void) { } module_init(buginit); module_exit(bugexit); MODULE_LICENSE(&quot;GPL&quot;); ... which will trigger a kernel panic when loaded: ------------[ cut here ]------------ hello Unexpected kernel BRK exception at EL1 Internal error: BRK handler: 00000000f2000800 [#1] PREEMPT SMP Modules linked in: hello(O+) CPU: 0 PID: 50 Comm: insmod Tainted: G O 6.9.1 #8 Hardware name: linux,dummy-virt (DT) pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : buginit+0x18/0x1000 [hello] lr : buginit+0x18/0x1000 [hello] sp : ffff800080533ae0 x29: ffff800080533ae0 x28: 0000000000000000 x27: 0000000000000000 x26: ffffaba8c4e70510 x25: ffff800080533c30 x24: ffffaba8c4a28a58 x23: 0000000000000000 x22: 0000000000000000 x21: ffff3947c0eab3c0 x20: ffffaba8c4e3f000 x19: ffffaba846464000 x18: 0000000000000006 x17: 0000000000000000 x16: ffffaba8c2492834 x15: 0720072007200720 x14: 0720072007200720 x13: ffffaba8c49b27c8 x12: 0000000000000312 x11: 0000000000000106 x10: ffffaba8c4a0a7c8 x9 : ffffaba8c49b27c8 x8 : 00000000ffffefff x7 : ffffaba8c4a0a7c8 x6 : 80000000fffff000 x5 : 0000000000000107 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff3947c0eab3c0 Call trace: buginit+0x18/0x1000 [hello] do_one_initcall+0x80/0x1c8 do_init_module+0x60/0x218 load_module+0x1ba4/0x1d70 __do_sys_init_module+0x198/0x1d0 __arm64_sys_init_module+0x1c/0x28 invoke_syscall+0x48/0x114 el0_svc ---truncated--- Solution(s) oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2024-39488 CVE - 2024-39488 ELSA-2024-12581 ELSA-2024-12584 ELSA-2024-12585 ELSA-2024-12611

Huawei EulerOS: CVE-2024-39493: kernel security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 07/10/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak Using completion_done to determine whether the caller has gone away only works after a complete call.Furthermore it's still possible that the caller has not yet called wait_for_completion, resulting in another potential UAF. Fix this by making the caller use cancel_work_sync and then freeing the memory safely. Solution(s) huawei-euleros-2_0_sp9-upgrade-kernel huawei-euleros-2_0_sp9-upgrade-kernel-tools huawei-euleros-2_0_sp9-upgrade-kernel-tools-libs huawei-euleros-2_0_sp9-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-39493 CVE - 2024-39493 EulerOS-SA-2024-2394

VMware Photon OS: CVE-2024-22018 Severity 1 CVSS (AV:L/AC:H/Au:N/C:P/I:N/A:N) Published 07/10/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-22018 CVE - 2024-22018

Joomla!: [20240703] - Core - XSS in StringHelper::truncate method (CVE-2024-21731) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/10/2024 Created 07/10/2024 Added 07/10/2024 Modified 01/28/2025 Description Improper handling of input could lead to an XSS vector in the StringHelper::truncate method. Solution(s) joomla-upgrade-3_10_16 joomla-upgrade-4_4_6 joomla-upgrade-5_1_2 References https://attackerkb.com/topics/cve-2024-21731 CVE - 2024-21731 http://developer.joomla.org/security-centre/937-20240703-core-xss-in-stringhelper-truncate-method.html

Joomla!: [20240701] - Core - XSS in accessible media selection field (CVE-2024-21729) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/10/2024 Created 07/10/2024 Added 07/10/2024 Modified 01/28/2025 Description Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field. Solution(s) joomla-upgrade-4_4_6 joomla-upgrade-5_1_2 References https://attackerkb.com/topics/cve-2024-21729 CVE - 2024-21729 http://developer.joomla.org/security-centre/935-20240701-core-xss-in-accessible-media-selection-field.html

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP update causes the session to reset (JSA83015) (CVE-2024-39555) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS).Continued receipt and processing of these malformed BGP update messages will create a sustained Denial of Service (DoS) condition. Upon receipt of a BGP update message over an established BGP session containing a specifically malformed tunnel encapsulation attribute, when segment routing is enabled, internal processing of the malformed attributes within the update results in improper parsing of remaining attributes, leading to session reset: BGP SEND Notification code 3 (Update Message Error) subcode 1 (invalid attribute list) Only systems with segment routing enabled are vulnerable to this issue. This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations, and requires a remote attacker to have at least one established BGP session. This issue affects: Junos OS: *All versions before 21.4R3-S8, *from 22.2 before 22.2R3-S4, *from 22.3 before 22.3R3-S3, *from 22.4 before 22.4R3-S3, *from 23.2 before 23.2R2-S1, *from 23.4 before 23.4R1-S2, 23.4R2. Junos OS Evolved: *All versions before 21.4R3-S8-EVO, *from 22.2-EVO before 22.2R3-S4-EVO, *from 22.3-EVO before 22.3R3-S3-EVO, *from 22.4-EVO before 22.4R3-S3-EVO, *from 23.2-EVO before 23.2R2-S1-EVO, *from 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39555 CVE - 2024-39555 JSA83015

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS: MX240, MX480, MX960 platforms using MPC10E: Memory leak will be observed when subscribed to a specific subscription on Junos Telemetry Interface (JSA82982) (CVE-2024-39518) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description A Heap-based Buffer Overflow vulnerability in the telemetry sensor process (sensord) of Juniper Networks Junos OS on MX240, MX480, MX960 platforms using MPC10E causes a steady increase in memory utilization, ultimately leading to a Denial of Service (DoS). When the device is subscribed to a specific subscription on Junos Telemetry Interface, a slow memory leak occurs and eventually all resources are consumed and the device becomes unresponsive. A manual reboot of the Line Card will be required to restore the device to its normal functioning. This issue is only seen when telemetry subscription is active. The Heap memory utilization can be monitored using the following command: > show system processes extensive The following command can be used to monitor the memory utilization of the specific sensor > show system info | match sensord PID NAME MEMORY PEAK MEMORY%CPU THREAD-COUNT CORE-AFFINITY UPTIME 1986sensord877.57MB 877.57MB 2 4 0,2-157-21:41:32 This issue affects Junos OS: *from 21.2R3-S5 before 21.2R3-S7, *from 21.4R3-S4 before 21.4R3-S6, *from 22.2R3 before 22.2R3-S4, *from 22.3R2 before 22.3R3-S2, *from 22.4R1 before 22.4R3, *from 23.2R1 before 23.2R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39518 CVE - 2024-39518 JSA82982

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS: SRX Series and MX Series with SPC3 and MS-MPC/MIC: Receipt of specific packets in H.323 ALG causes traffic drop (JSA83013) (CVE-2024-39551) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS). Continued receipt and processing of these specific packets will sustain the Denial of Service condition. The memory usage can be monitored using the below command. user@host> show usp memory segment sha data objcache jsf This issue affects SRX Series and MX Series with SPC3 and MS-MPC/MIC: * 20.4 before 20.4R3-S10, * 21.2 before 21.2R3-S6, * 21.3 before 21.3R3-S5, * 21.4 before 21.4R3-S6, * 22.1 before 22.1R3-S4, * 22.2 before 22.2R3-S2, * 22.3 before 22.3R3-S1, * 22.4 before 22.4R3, * 23.2 before 23.2R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39551 CVE - 2024-39551 JSA83013

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak (JSA82996) (CVE-2024-39536) Severity 6 CVSS (AV:A/AC:M/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). When a BFD session configured with authentication flaps, ppmd memory can leak. Whether the leak happens depends on a race condition which is outside the attackers control. This issue only affects BFD operating in distributed aka delegated (which is the default behavior) or inline mode. Whether the leak occurs can be monitored with the following CLI command: > show ppm request-queue FPC Pending-request fpc0 2 request-total-pending: 2 where a continuously increasing number of pending requests is indicative of the leak. This issue affects: Junos OS: *All versions before 21.2R3-S8, *21.4 versions before 21.4R3-S7, *22.1 versions before 22.1R3-S4, *22.2 versions before 22.2R3-S4, *22.3 versions before 22.3R3, *22.4 versions before 22.4R2-S2, 22.4R3. Junos OS Evolved: *All versions before 21.2R3-S8-EVO, *21.4-EVO versions before 21.4R3-S7-EVO, *22.2-EVO versions before 22.2R3-S4-EVO, *22.3-EVO versions before 22.3R3-EVO, *22.4-EVO versions before 22.4R3-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39536 CVE - 2024-39536 JSA82996

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to RPD crash (JSA83011) (multiple CVEs) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 02/10/2025 Description A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS). Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd). Memory utilization could be monitored by: user@host> show system memory or show system monitor memory status This issue affects: Junos OS: *All versions before 21.2R3-S8, *from 21.4 before 21.4R3-S8, *from 22.2 before 22.2R3-S4, *from 22.3 before 22.3R3-S3, *from 22.4 before 22.4R3-S3, *from 23.2 before 23.2R2-S1, *from 23.4 before 23.4R1-S2, 23.4R2. Junos OS Evolved: *All versions before 21.2R3-S8-EVO, *from 21.4 before 21.4R3-S8-EVO, *from 22.2 before 22.2R3-S4-EVO, *from 22.3 before 22.3R3-S3-EVO, *from 22.4 before 22.4R3-S3-EVO, *from 23.2 before 23.2R2-S1-EVO, *from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39549 CVE - 2024-39549 CVE - 2024-39564 JSA83011

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Memory leak due to RSVP neighbor persistent error leading to kernel crash (JSA83020) (CVE-2024-39560) Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/30/2025 Description An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS). The kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected. System kernel memory can be monitored through the use of the 'show system kernel memory' command as shown below: user@router> show system kernel memory Real memory total/reserved: 4130268/ 133344 Kbytes kmem map free: 18014398509110220 Kbytes This issue affects: Junos OS: *All versions before 20.4R3-S9, *All versions of 21.2, *from 21.4 before 21.4R3-S5, *from 22.1 before 22.1R3-S5, *from 22.2 before 22.2R3-S3, *from 22.3 before 22.3R3-S2, *from 22.4 before 22.4R3, *from 23.2 before 23.2R2; Junos OS Evolved: *All versions before 21.4R3-S5-EVO, *from 22.1-EVO before 22.1R3-S5-EVO, *from 22.2-EVO before 22.2R3-S3-EVO, *from 22.3-EVO before 22.3R3-S2-EVO, *from 22.4-EVO before 22.4R3-EVO, *from 23.2-EVO before 23.2R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39560 CVE - 2024-39560 JSA83020

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS: SRX4600, SRX5000 Series: TCP packets with SYN/FIN or SYN/RST are transferred after enabling no-syn-check with Express Path (JSA83021) (CVE-2024-39561) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/FIN or SYN/RST should be dropped in flowd. However, when no-syn-check and Express Path are enabled, these TCP packets are unexpectedly transferred to the downstream network. This issue affects Junos OS on SRX4600 and SRX5000 Series: *All versions before 21.2R3-S8, *from 21.4 before 21.4R3-S7, *from 22.1 before 22.1R3-S6, *from 22.2 before 22.2R3-S4, *from 22.3 before 22.3R3-S3, *from 22.4 before 22.4R3-S2, *from 23.2 before 23.2R2, *from 23.4 before 23.4R1-S1, 23.4R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39561 CVE - 2024-39561 JSA83021