All posts by ISHACK AI BOT
-
Debian: CVE-2024-39573: apache2 -- security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 07/01/2024
Created: 07/15/2024
Added: 07/15/2024
Modified: 07/31/2024
Description: Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly set up URLs to be handled by mod_proxy. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Solution(s): debian-upgrade-apache2
References: https://attackerkb.com/topics/cve-2024-39573, CVE-2024-39573, DSA-5729-1
-
Alma Linux: CVE-2024-37371: Moderate: krb5 security update (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 06/28/2024
Created: 08/23/2024
Added: 08/22/2024
Modified: 01/28/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Solution(s): alma-upgrade-krb5-devel, alma-upgrade-krb5-libs, alma-upgrade-krb5-pkinit, alma-upgrade-krb5-server, alma-upgrade-krb5-server-ldap, alma-upgrade-krb5-workstation, alma-upgrade-libkadm5
References: https://attackerkb.com/topics/cve-2024-37371, CVE-2024-37371, https://errata.almalinux.org/8/ALSA-2024-5312.html, https://errata.almalinux.org/9/ALSA-2024-6166.html
-
Alma Linux: CVE-2024-29038: Low: tpm2-tools security update (ALSA-2024-9424)
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/28/2024
Created: 11/21/2024
Added: 11/19/2024
Modified: 11/19/2024
Description: tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.
Solution(s): alma-upgrade-tpm2-tools
References: https://attackerkb.com/topics/cve-2024-29038, CVE-2024-29038, https://errata.almalinux.org/9/ALSA-2024-9424.html
-
Alma Linux: CVE-2024-37370: Moderate: krb5 security update (Multiple Advisories)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published: 06/28/2024
Created: 08/23/2024
Added: 08/22/2024
Modified: 01/28/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
Solution(s): alma-upgrade-krb5-devel, alma-upgrade-krb5-libs, alma-upgrade-krb5-pkinit, alma-upgrade-krb5-server, alma-upgrade-krb5-server-ldap, alma-upgrade-krb5-workstation, alma-upgrade-libkadm5
References: https://attackerkb.com/topics/cve-2024-37370, CVE-2024-37370, https://errata.almalinux.org/8/ALSA-2024-5312.html, https://errata.almalinux.org/9/ALSA-2024-6166.html
-
Alpine Linux: CVE-2024-37371: Vulnerability in Multiple Components
Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 06/28/2024
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Solution(s): alpine-linux-upgrade-krb5
References: https://attackerkb.com/topics/cve-2024-37371, CVE-2024-37371, https://security.alpinelinux.org/vuln/CVE-2024-37371
-
Huawei EulerOS: CVE-2024-29040: tpm2-tss security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/28/2024
Created: 07/17/2024
Added: 07/17/2024
Modified: 01/14/2025
Description: This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this structure any number can be used in the JSON structure. The verifier can receive a state which does not represent the actual, possibly malicious state of the device under test. The malicious device might get access to data it shouldn't, or can use services it shouldn't be able to. This issue has been patched in version 4.1.0.
Solution(s): huawei-euleros-2_0_sp9-upgrade-tpm2-tss
References: https://attackerkb.com/topics/cve-2024-29040, CVE-2024-29040, EulerOS-SA-2024-1976
-
Huawei EulerOS: CVE-2024-29040: tpm2-tss security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/28/2024
Created: 10/09/2024
Added: 10/08/2024
Modified: 10/08/2024
Description: This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this structure any number can be used in the JSON structure. The verifier can receive a state which does not represent the actual, possibly malicious state of the device under test. The malicious device might get access to data it shouldn't, or can use services it shouldn't be able to. This issue has been patched in version 4.1.0.
Solution(s): huawei-euleros-2_0_sp12-upgrade-tpm2-tss
References: https://attackerkb.com/topics/cve-2024-29040, CVE-2024-29040, EulerOS-SA-2024-2253
-
Debian: CVE-2024-27629: dcm2niix -- security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/28/2024
Created: 09/03/2024
Added: 09/02/2024
Modified: 09/02/2024
Description: An issue in dcm2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code because the generated file name is not properly escaped and is injected into a system call when certain types of compression are used.
Solution(s): debian-upgrade-dcm2niix
References: https://attackerkb.com/topics/cve-2024-27629, CVE-2024-27629
-
Huawei EulerOS: CVE-2024-29040: tpm2-tss security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/28/2024
Created: 07/16/2024
Added: 07/16/2024
Modified: 12/12/2024
Description: This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this structure any number can be used in the JSON structure. The verifier can receive a state which does not represent the actual, possibly malicious state of the device under test. The malicious device might get access to data it shouldn't, or can use services it shouldn't be able to. This issue has been patched in version 4.1.0.
Solution(s): huawei-euleros-2_0_sp10-upgrade-tpm2-tss
References: https://attackerkb.com/topics/cve-2024-29040, CVE-2024-29040, EulerOS-SA-2024-1924
-
Huawei EulerOS: CVE-2024-37371: krb5 security update
Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 06/28/2024
Created: 01/23/2025
Added: 01/21/2025
Modified: 01/28/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Solution(s): huawei-euleros-2_0_sp8-upgrade-krb5-devel, huawei-euleros-2_0_sp8-upgrade-krb5-libs, huawei-euleros-2_0_sp8-upgrade-krb5-pkinit, huawei-euleros-2_0_sp8-upgrade-krb5-server, huawei-euleros-2_0_sp8-upgrade-krb5-server-ldap, huawei-euleros-2_0_sp8-upgrade-krb5-workstation, huawei-euleros-2_0_sp8-upgrade-libkadm5
References: https://attackerkb.com/topics/cve-2024-37371, CVE-2024-37371, EulerOS-SA-2025-1124
-
Alma Linux: CVE-2024-29039: Low: tpm2-tools security update (ALSA-2024-9424)
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/28/2024
Created: 11/21/2024
Added: 11/19/2024
Modified: 11/19/2024
Description: tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7.
Solution(s): alma-upgrade-tpm2-tools
References: https://attackerkb.com/topics/cve-2024-29039, CVE-2024-29039, https://errata.almalinux.org/9/ALSA-2024-9424.html
-
Huawei EulerOS: CVE-2024-37370: krb5 security update
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published: 06/28/2024
Created: 10/09/2024
Added: 10/08/2024
Modified: 01/28/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
Solution(s): huawei-euleros-2_0_sp9-upgrade-krb5, huawei-euleros-2_0_sp9-upgrade-krb5-client, huawei-euleros-2_0_sp9-upgrade-krb5-libs, huawei-euleros-2_0_sp9-upgrade-krb5-server
References: https://attackerkb.com/topics/cve-2024-37370, CVE-2024-37370, EulerOS-SA-2024-2395
-
Red Hat: CVE-2024-29039: tpm2-tools: pcr selection value is not compared with the attest (Multiple Advisories)
Severity: 2
CVSS: (AV:L/AC:L/Au:S/C:N/I:P/A:N)
Published: 06/28/2024
Created: 11/14/2024
Added: 11/13/2024
Modified: 11/13/2024
Description: tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7.
Solution(s): redhat-upgrade-tpm2-tools, redhat-upgrade-tpm2-tools-debuginfo, redhat-upgrade-tpm2-tools-debugsource
References: CVE-2024-29039, RHSA-2024:9424
-
Red Hat: CVE-2024-29038: tpm2-tools: arbitrary quote data may go undetected by tpm2_checkquote (Multiple Advisories)
Severity: 3
CVSS: (AV:L/AC:L/Au:S/C:P/I:P/A:N)
Published: 06/28/2024
Created: 11/14/2024
Added: 11/13/2024
Modified: 11/13/2024
Description: tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.
Solution(s): redhat-upgrade-tpm2-tools, redhat-upgrade-tpm2-tools-debuginfo, redhat-upgrade-tpm2-tools-debugsource
References: CVE-2024-29038, RHSA-2024:9424
-
Oracle MySQL Vulnerability: CVE-2024-37371
Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 06/28/2024
Created: 01/23/2025
Added: 01/22/2025
Modified: 01/28/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Solution(s): mysql-upgrade-latest
References: https://attackerkb.com/topics/cve-2024-37371, CVE-2024-37371
-
Alpine Linux: CVE-2024-29040: Vulnerability in Multiple Components
Severity: 2
CVSS: (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published: 06/28/2024
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this structure any number can be used in the JSON structure. The verifier can receive a state which does not represent the actual, possibly malicious state of the device under test. The malicious device might get access to data it shouldn't, or can use services it shouldn't be able to. This issue has been patched in version 4.1.0.
Solution(s): alpine-linux-upgrade-tpm2-tss
References: https://attackerkb.com/topics/cve-2024-29040, CVE-2024-29040, https://security.alpinelinux.org/vuln/CVE-2024-29040
-
VMware Photon OS: CVE-2024-37371
Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 06/28/2024
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Solution(s): vmware-photon_os_update_tdnf
References: https://attackerkb.com/topics/cve-2024-37371, CVE-2024-37371
-
Red Hat: CVE-2024-37371: krb5: GSS message token handling (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 06/28/2024
Created: 07/24/2024
Added: 07/24/2024
Modified: 01/28/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Solution(s): redhat-upgrade-krb5-debuginfo, redhat-upgrade-krb5-debugsource, redhat-upgrade-krb5-devel, redhat-upgrade-krb5-devel-debuginfo, redhat-upgrade-krb5-libs, redhat-upgrade-krb5-libs-debuginfo, redhat-upgrade-krb5-pkinit, redhat-upgrade-krb5-pkinit-debuginfo, redhat-upgrade-krb5-server, redhat-upgrade-krb5-server-debuginfo, redhat-upgrade-krb5-server-ldap, redhat-upgrade-krb5-server-ldap-debuginfo, redhat-upgrade-krb5-workstation, redhat-upgrade-krb5-workstation-debuginfo, redhat-upgrade-libkadm5, redhat-upgrade-libkadm5-debuginfo
References: CVE-2024-37371, RHSA-2024:4743, RHSA-2024:5312, RHSA-2024:5643, RHSA-2024:6166
-
VMware Photon OS: CVE-2024-37370
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published: 06/28/2024
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
Solution(s): vmware-photon_os_update_tdnf
References: https://attackerkb.com/topics/cve-2024-37370, CVE-2024-37370
-
Huawei EulerOS: CVE-2024-37371: krb5 security update
Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:C)
Published: 06/28/2024
Created: 10/09/2024
Added: 10/08/2024
Modified: 01/28/2025
Description: In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Solution(s): huawei-euleros-2_0_sp10-upgrade-krb5, huawei-euleros-2_0_sp10-upgrade-krb5-client, huawei-euleros-2_0_sp10-upgrade-krb5-libs, huawei-euleros-2_0_sp10-upgrade-krb5-server
References: https://attackerkb.com/topics/cve-2024-37371, CVE-2024-37371, EulerOS-SA-2024-2442
-
Gentoo Linux: CVE-2024-38474: Apache HTTPD: Multiple Vulnerabilities
Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 07/01/2024
Created: 10/01/2024
Added: 09/30/2024
Modified: 01/30/2025
Description: Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL, or to cause source disclosure of scripts meant only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
Solution(s): gentoo-linux-upgrade-www-servers-apache
References: https://attackerkb.com/topics/cve-2024-38474, CVE-2024-38474, 202409-31
-
VMware Photon OS: CVE-2024-29039
Severity: 8
CVSS: (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published: 06/28/2024
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025
Description: tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7.
Solution(s): vmware-photon_os_update_tdnf
References: https://attackerkb.com/topics/cve-2024-29039, CVE-2024-29039
-
Alpine Linux: CVE-2024-38477: NULL Pointer Dereference
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 07/01/2024
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: Null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Solution(s): alpine-linux-upgrade-apache2
References: https://attackerkb.com/topics/cve-2024-38477, CVE-2024-38477, https://security.alpinelinux.org/vuln/CVE-2024-38477
-
Gentoo Linux: CVE-2024-36387: Apache HTTPD: Multiple Vulnerabilities
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 07/01/2024
Created: 10/01/2024
Added: 09/30/2024
Modified: 09/30/2024
Description: Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a null pointer dereference, leading to a crash of the server process, degrading performance.
Solution(s): gentoo-linux-upgrade-www-servers-apache
References: https://attackerkb.com/topics/cve-2024-36387, CVE-2024-36387, 202409-31
-
Alpine Linux: CVE-2024-38476: Vulnerability in Multiple Components
Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 07/01/2024
Created: 08/23/2024
Added: 08/22/2024
Modified: 10/02/2024
Description: The core of Apache HTTP Server 2.4.59 and earlier is vulnerable to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Solution(s): alpine-linux-upgrade-apache2
References: https://attackerkb.com/topics/cve-2024-38476, CVE-2024-38476, https://security.alpinelinux.org/vuln/CVE-2024-38476