ISHACK AI BOT

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS: SRX4600, SRX5000 Series: TCP packets with SYN/FIN or SYN/RST are transferred after enabling no-syn-check with Express Path (JSA83021) (CVE-2024-39561) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/FIN or SYN/RST should be dropped in flowd. However, when no-syn-check and Express Path are enabled, these TCP packets are unexpectedly transferred to the downstream network. This issue affects Junos OS on SRX4600 and SRX5000 Series: *All versions before 21.2R3-S8, *from 21.4 before 21.4R3-S7, *from 22.1 before 22.1R3-S6, *from 22.2 before 22.2R3-S4, *from 22.3 before 22.3R3-S3, *from 22.4 before 22.4R3-S2, *from 23.2 before 23.2R2, *from 23.4 before 23.4R1-S1, 23.4R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39561 CVE - 2024-39561 JSA83021

Joomla!: [20240705] - Core - XSS in com_fields default field value (CVE-2024-26278) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 07/10/2024 Created 07/10/2024 Added 07/10/2024 Modified 01/28/2025 Description The Custom Fields component not correctly filter inputs, leading to a XSS vector. Solution(s) joomla-upgrade-3_10_16 joomla-upgrade-4_4_6 joomla-upgrade-5_1_2 References https://attackerkb.com/topics/cve-2024-26278 CVE - 2024-26278 http://developer.joomla.org/security-centre/939-20240705-core-xss-in-com-fields-default-field-value.html

Joomla!: [20240702] - Core - Self-XSS in fancyselect list field layout (CVE-2024-21730) Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 07/10/2024 Created 07/10/2024 Added 07/10/2024 Modified 01/28/2025 Description The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector. Solution(s) joomla-upgrade-4_4_6 joomla-upgrade-5_1_2 References https://attackerkb.com/topics/cve-2024-21730 CVE - 2024-21730 http://developer.joomla.org/security-centre/936-20240702-core-self-xss-in-fancyselect-list-field-layout.html

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Malformed BGP UPDATE causes RPD crash (JSA75726) (CVE-2024-39552) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause the RPD process to crash leading to a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, RPD crashes and restarts. Continuous receipt of the malformed BGP UPDATE messages will create a sustained Denial of Service (DoS) condition for impacted devices. This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations.This issue requires a remote attacker to have at least one established BGP session. This issue affects: Juniper Networks Junos OS: *All versions earlier than 20.4R3-S9; *21.2 versions earlier than 21.2R3-S7; *21.3 versions earlier than 21.3R3-S5; *21.4 versions earlier than 21.4R3-S6; *22.1 versions earlier than 22.1R3-S4; *22.2 versions earlier than 22.2R3-S3; *22.3 versions earlier than 22.3R3-S2; *22.4 versions earlier than 22.4R3; *23.2 versions earlier than 23.2R2. Juniper Networks Junos OS Evolved: *All versions earlier than 21.2R3-S7; *21.3-EVO versions earlier than 21.3R3-S5; *21.4-EVO versions earlier than 21.4R3-S8; *22.1-EVO versions earlier than 22.1R3-S4; *22.2-EVO versions earlier than 22.2R3-S3; *22.3-EVO versions earlier than 22.3R3-S2; *22.4-EVO versions earlier than 22.4R3; *23.2-EVO versions earlier than 23.2R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39552 CVE - 2024-39552 JSA75726

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of a large RPKI-RTR PDU packet can cause rpd to crash (JSA83004) (CVE-2024-39543) Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Junos OS: *All versions before 21.2R3-S8, *from 21.4 before 21.4R3-S8, *from 22.2 before 22.2R3-S4, *from 22.3 before 22.3R3-S3, *from 22.4 before 22.4R3-S2, *from 23.2 before 23.2R2-S1, *from 23.4 before 23.4R2. Junos OS Evolved:*All versions before 21.2R3-S8-EVO, *from 21.4 before 21.4R3-S8-EVO, *from 22.2 before 22.2R3-S4-EVO, *from 22.3 before 22.3R3-S3-EVO, *from 22.4 before 22.4R3-S2-EVO, *from 23.2 before 23.2R2-S1-EVO, *from 23.4 before 23.4R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39543 CVE - 2024-39543 JSA83004

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Upon processing specific L2 traffic, rpd can hang in devices with EVPN/VXLAN configured (JSA79175) (CVE-2024-39517) Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount specific Layer 2 packets are processed by the device, it can cause the Routing Protocol Daemon (rpd) to utilize all CPU resources which causes the device to hang. A manual restart of the rpd is required to restore services. This issue affects both IPv4 and IPv6 implementations. This issue affects Junos OS: All versions earlier than 21.4R3-S7; 22.1 versions earlier than 22.1R3-S5; 22.2 versions earlier than 22.2R3-S3; 22.3 versions earlier than 22.3R3-S3; 22.4 versions earlier than 22.4R3-S2; 23.2 versions earlier than 23.2R2; 23.4 versions earlier than 23.4R1-S1. Junos OS Evolved: All versions earlier than 21.4R3-S7-EVO; 22.1-EVO versions earlier than 22.1R3-S5-EVO; 22.2-EVO versions earlier than 22.2R3-S3-EVO; 22.3-EVO versions earlier than 22.3R3-S3-EVO; 22.4-EVO versions earlier than 22.4R3-S2-EVO; 23.2-EVO versions earlier than 23.2R2-EVO; 23.4-EVO versions earlier than 23.4R1-S1-EVO, 23.4R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39517 CVE - 2024-39517 JSA79175

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS: MX Series: Continuous subscriber logins will lead to a memory leak and eventually an FPC crash (JSA82999) (CVE-2024-39539) Severity 6 CVSS (AV:A/AC:M/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart. This issue affects Junos OS on MX Series: *All version before 21.2R3-S6, *21.4 versions before 21.4R3-S6, *22.1 versions before 22.1R3-S5, *22.2 versions before 22.2R3-S3, *22.3 versions before 22.3R3-S2, *22.4 versions before 22.4R3, *23.2 versions before 23.2R2. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39539 CVE - 2024-39539 JSA82999

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Confidential information in logs can be accessed by another user (JSA82992) (CVE-2024-39532) Severity 5 CVSS (AV:L/AC:M/Au:M/C:C/I:P/A:N) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privileged attacker has access to this information. This issue affects: Junos OS: *All versions before 21.2R3-S9; * 21.4 versions before 21.4R3-S9; *22.2 versions before 22.2R2-S1, 22.2R3; *22.3 versions before 22.3R1-S1, 22.3R2; Junos OS Evolved: *All versions before before 22.1R3-EVO; *22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO; *22.3-EVO versions before 22.3R1-S1-EVO, 22.3R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39532 CVE - 2024-39532 JSA82992

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of specific PIM packet causes rpd crash when PIM is configured along with MoFRR (JSA83018) (CVE-2024-39558) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 08/14/2024 Description An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows a logically adjacent, unauthenticated attacker sending a specific PIM packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS), when PIM is configured with Multicast-only Fast Reroute (MoFRR). Continued receipt and processing of this packet may create a sustained Denial of Service (DoS) condition. This issue is observed on Junos and Junos Evolved platforms where PIM is configured along with MoFRR. MoFRR tries to select the active path, but due to an internal timing issue, rpd is unable to select the forwarding next-hop towards the source, resulting in an rpd crash. This issue affects: Junos OS: *All versions before 20.4R3-S10, *from 21.2 before 21.2R3-S7, *from 21.4 before 21.4R3-S6, *from 22.1 before 22.1R3-S5, *from 22.2 before 22.2R3-S3, *from 22.3 before 22.3R3, *from 22.4 before 22.4R2; Junos OS Evolved: *All versions before 20.4R3-S10 -EVO, *All versions of 21.2-EVO, *from 21.4-EVO before 21.4R3-S9-EVO, *from 22.1-EVO before 22.1R3-S5-EVO, *from 22.2-EVO before 22.2R3-S3-EVO, *from 22.3-EVO before 22.3R3-EVO, *from 22.4-EVO before 22.4R2-EVO. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39558 CVE - 2024-39558 JSA83018

SUSE: CVE-2024-39488: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/10/2024 Created 08/14/2024 Added 08/14/2024 Modified 08/19/2024 Description In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY When CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes to bug_table entries, and as a result the last entry in a bug table will be ignored, potentially leading to an unexpected panic(). All prior entries in the table will be handled correctly. The arm64 ABI requires that struct fields of up to 8 bytes are naturally-aligned, with padding added within a struct such that struct are suitably aligned within arrays. When CONFIG_DEBUG_BUGVERPOSE=y, the layout of a bug_entry is: struct bug_entry { signed intbug_addr_disp; // 4 bytes signed intfile_disp; // 4 bytes unsigned shortline; // 2 bytes unsigned shortflags; // 2 bytes } ... with 12 bytes total, requiring 4-byte alignment. When CONFIG_DEBUG_BUGVERBOSE=n, the layout of a bug_entry is: struct bug_entry { signed intbug_addr_disp; // 4 bytes unsigned shortflags; // 2 bytes < implicit padding > // 2 bytes } ... with 8 bytes total, with 6 bytes of data and 2 bytes of trailing padding, requiring 4-byte alginment. When we create a bug_entry in assembly, we align the start of the entry to 4 bytes, which implicitly handles padding for any prior entries. However, we do not align the end of the entry, and so when CONFIG_DEBUG_BUGVERBOSE=n, the final entry lacks the trailing padding bytes. For the main kernel image this is not a problem as find_bug() doesn't depend on the trailing padding bytes when searching for entries: for (bug = __start___bug_table; bug < __stop___bug_table; ++bug) if (bugaddr == bug_addr(bug)) return bug; However for modules, module_bug_finalize() depends on the trailing bytes when calculating the number of entries: mod->num_bugs = sechdrs[i].sh_size / sizeof(struct bug_entry); ... and as the last bug_entry lacks the necessary padding bytes, this entry will not be counted, e.g. in the case of a single entry: sechdrs[i].sh_size == 6 sizeof(struct bug_entry) == 8; sechdrs[i].sh_size / sizeof(struct bug_entry) == 0; Consequently module_find_bug() will miss the last bug_entry when it does: for (i = 0; i < mod->num_bugs; ++i, ++bug) if (bugaddr == bug_addr(bug)) goto out; ... which can lead to a kenrel panic due to an unhandled bug. This can be demonstrated with the following module: static int __init buginit(void) { WARN(1, "hello\n"); return 0; } static void __exit bugexit(void) { } module_init(buginit); module_exit(bugexit); MODULE_LICENSE("GPL"); ... which will trigger a kernel panic when loaded: ------------[ cut here ]------------ hello Unexpected kernel BRK exception at EL1 Internal error: BRK handler: 00000000f2000800 [#1] PREEMPT SMP Modules linked in: hello(O+) CPU: 0 PID: 50 Comm: insmod Tainted: G O 6.9.1 #8 Hardware name: linux,dummy-virt (DT) pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : buginit+0x18/0x1000 [hello] lr : buginit+0x18/0x1000 [hello] sp : ffff800080533ae0 x29: ffff800080533ae0 x28: 0000000000000000 x27: 0000000000000000 x26: ffffaba8c4e70510 x25: ffff800080533c30 x24: ffffaba8c4a28a58 x23: 0000000000000000 x22: 0000000000000000 x21: ffff3947c0eab3c0 x20: ffffaba8c4e3f000 x19: ffffaba846464000 x18: 0000000000000006 x17: 0000000000000000 x16: ffffaba8c2492834 x15: 0720072007200720 x14: 0720072007200720 x13: ffffaba8c49b27c8 x12: 0000000000000312 x11: 0000000000000106 x10: ffffaba8c4a0a7c8 x9 : ffffaba8c49b27c8 x8 : 00000000ffffefff x7 : ffffaba8c4a0a7c8 x6 : 80000000fffff000 x5 : 0000000000000107 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff3947c0eab3c0 Call trace: buginit+0x18/0x1000 [hello] do_one_initcall+0x80/0x1c8 do_init_module+0x60/0x218 load_module+0x1ba4/0x1d70 __do_sys_init_module+0x198/0x1d0 __arm64_sys_init_module+0x1c/0x28 invoke_syscall+0x48/0x114 el0_svc ---truncated--- Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2024-39488 CVE - 2024-39488

FreeBSD: VID-ACB4EAB6-3F6D-11EF-8657-001B217B3468 (CVE-2024-5470): Gitlab -- vulnerabilities Severity 3 CVSS (AV:N/AC:L/Au:M/C:N/I:P/A:N) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4 and from 17.1 prior to 17.1.2 where a Guest user with `admin_push_rules` permission may have been able to create project-level deploy tokens. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-5470

FreeBSD: VID-ACB4EAB6-3F6D-11EF-8657-001B217B3468 (CVE-2024-6385): Gitlab -- vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-6385

Juniper Junos OS: 2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Inconsistent information in the TE database can lead to an rpd crash (JSA83001) (CVE-2024-39541) Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 07/10/2024 Created 07/12/2024 Added 07/11/2024 Modified 01/28/2025 Description An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart. This issue affects: Junos OS: *22.4 versions before 22.4R3-S1, *23.2 versions before 23.2R2, *23.4 versions before 23.4R1-S1, 23.4R2, This issue does not affect Junos OS versions earlier than 22.4R1. Junos OS Evolved: *22.4-EVO versions before 22.4R3-S2-EVO, *23.2-EVO versions before 23.2R2-EVO, *23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO, This issue does not affect Junos OS Evolved versions earlier than before 22.4R1. Solution(s) juniper-junos-os-upgrade-latest References https://attackerkb.com/topics/cve-2024-39541 CVE - 2024-39541 JSA83001

Gentoo Linux: CVE-2024-6607: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 12/10/2024 Added 12/09/2024 Modified 12/09/2024 Description It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `&lt;select&gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-6607 CVE - 2024-6607 202412-04

Microsoft Office: CVE-2024-38021: Microsoft Outlook Remote Code Execution Vulnerability Severity 4 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/10/2024 Description Microsoft Outlook Remote Code Execution Vulnerability Solution(s) microsoft-office_2016-kb5002620 office-click-to-run-upgrade-latest References https://attackerkb.com/topics/cve-2024-38021 CVE - 2024-38021 https://support.microsoft.com/help/5002620

Gentoo Linux: CVE-2024-6615: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/09/2024 Created 12/10/2024 Added 12/09/2024 Modified 12/09/2024 Description Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-6615 CVE - 2024-6615 202412-04

Gentoo Linux: CVE-2024-6610: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 07/09/2024 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-6610 CVE - 2024-6610 202412-04

Microsoft Windows: CVE-2024-37978: Secure Boot Security Feature Bypass Vulnerability Severity 8 CVSS (AV:A/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 08/13/2024 Description Secure Boot Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_11-22h2-kb5040442 microsoft-windows-windows_11-23h2-kb5040442 microsoft-windows-windows_server_2022-23h2-kb5040438 References https://attackerkb.com/topics/cve-2024-37978 CVE - 2024-37978 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040442

F5 Networks: CVE-2024-3596: K000141008: RADIUS authentication vulnerability CVE-2024-3596 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 09/12/2024 Added 09/11/2024 Modified 01/28/2025 Description RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-3596 CVE - 2024-3596 https://my.f5.com/manage/s/article/K000141008

Microsoft Windows: CVE-2024-38074: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/06/2024 Description Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5040485 microsoft-windows-windows_server_2012_r2-kb5040456 microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 msft-kb5040498-f961cc14-8b04-4069-ace4-5f938af42077 References https://attackerkb.com/topics/cve-2024-38074 CVE - 2024-38074 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040456 https://support.microsoft.com/help/5040485 View more

Microsoft Windows: CVE-2024-38069: Windows Enroll Engine Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 08/13/2024 Description Windows Enroll Engine Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5040448 microsoft-windows-windows_10-1607-kb5040434 microsoft-windows-windows_10-1809-kb5040430 microsoft-windows-windows_10-21h2-kb5040427 microsoft-windows-windows_10-22h2-kb5040427 microsoft-windows-windows_11-21h2-kb5040431 microsoft-windows-windows_11-22h2-kb5040442 microsoft-windows-windows_11-23h2-kb5040442 microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 References https://attackerkb.com/topics/cve-2024-38069 CVE - 2024-38069 https://support.microsoft.com/help/5040427 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040431 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040442 https://support.microsoft.com/help/5040448 View more

Microsoft Windows: CVE-2024-38065: Secure Boot Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/05/2024 Description Secure Boot Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5040448 microsoft-windows-windows_10-1607-kb5040434 microsoft-windows-windows_10-1809-kb5040430 microsoft-windows-windows_10-21h2-kb5040427 microsoft-windows-windows_10-22h2-kb5040427 microsoft-windows-windows_11-21h2-kb5040431 microsoft-windows-windows_11-22h2-kb5040442 microsoft-windows-windows_11-23h2-kb5040442 microsoft-windows-windows_server_2012_r2-kb5040456 microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 References https://attackerkb.com/topics/cve-2024-38065 CVE - 2024-38065 https://support.microsoft.com/help/5040427 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040431 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040442 https://support.microsoft.com/help/5040448 https://support.microsoft.com/help/5040456 View more

Microsoft Windows: CVE-2024-38068: Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/06/2024 Description Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5040448 microsoft-windows-windows_10-1607-kb5040434 microsoft-windows-windows_10-1809-kb5040430 microsoft-windows-windows_10-21h2-kb5040427 microsoft-windows-windows_10-22h2-kb5040427 microsoft-windows-windows_11-21h2-kb5040431 microsoft-windows-windows_11-22h2-kb5040442 microsoft-windows-windows_11-23h2-kb5040442 microsoft-windows-windows_server_2012-kb5040485 microsoft-windows-windows_server_2012_r2-kb5040456 microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 msft-kb5040490-a33291f3-f1b2-46ec-995d-5a6bcd9b90c7 msft-kb5040490-ecd666b8-158c-4500-abdb-abf60983b463 msft-kb5040498-f961cc14-8b04-4069-ace4-5f938af42077 References https://attackerkb.com/topics/cve-2024-38068 CVE - 2024-38068 https://support.microsoft.com/help/5040427 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040431 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040442 https://support.microsoft.com/help/5040448 https://support.microsoft.com/help/5040456 https://support.microsoft.com/help/5040485 View more

Microsoft Windows: CVE-2024-38076: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 08/13/2024 Description Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 References https://attackerkb.com/topics/cve-2024-38076 CVE - 2024-38076 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438

Microsoft Windows: CVE-2024-38015: Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/09/2024 Created 07/10/2024 Added 07/09/2024 Modified 09/06/2024 Description Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5040485 microsoft-windows-windows_server_2012_r2-kb5040456 microsoft-windows-windows_server_2016-1607-kb5040434 microsoft-windows-windows_server_2019-1809-kb5040430 microsoft-windows-windows_server_2022-21h2-kb5040437 microsoft-windows-windows_server_2022-22h2-kb5040437 microsoft-windows-windows_server_2022-23h2-kb5040438 References https://attackerkb.com/topics/cve-2024-38015 CVE - 2024-38015 https://support.microsoft.com/help/5040430 https://support.microsoft.com/help/5040434 https://support.microsoft.com/help/5040437 https://support.microsoft.com/help/5040438 https://support.microsoft.com/help/5040456 https://support.microsoft.com/help/5040485 View more