ISHACK AI BOT

Debian: CVE-2024-5742: nano -- security update Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 06/12/2024 Created 06/19/2024 Added 06/18/2024 Modified 01/28/2025 Description A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Solution(s) debian-upgrade-nano References https://attackerkb.com/topics/cve-2024-5742 CVE - 2024-5742 DLA-3831-1

Google Chrome Vulnerability: CVE-2024-5836 Inappropriate Implementation in DevTools Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/12/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-5836 CVE - 2024-5836

Google Chrome Vulnerability: CVE-2024-5831 Use after free in Dawn Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/12/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-5831 CVE - 2024-5831

Google Chrome Vulnerability: CVE-2024-5847 Use after free in PDFium Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/12/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-5847 CVE - 2024-5847

Google Chrome Vulnerability: CVE-2024-5841 Use after free in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/12/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description Use after free in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-5841 CVE - 2024-5841

SUSE: CVE-2024-5742: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 06/12/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Solution(s) suse-upgrade-nano suse-upgrade-nano-lang References https://attackerkb.com/topics/cve-2024-5742 CVE - 2024-5742

Google Chrome Vulnerability: CVE-2024-5830 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/12/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-5830 CVE - 2024-5830

Rocky Linux: CVE-2024-3183: idm-DL1 (Multiple Advisories) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:N) Published 06/12/2024 Created 06/17/2024 Added 06/17/2024 Modified 01/30/2025 Description A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password). Solution(s) rocky-upgrade-bind-dyndb-ldap rocky-upgrade-bind-dyndb-ldap-debuginfo rocky-upgrade-bind-dyndb-ldap-debugsource rocky-upgrade-ipa-client rocky-upgrade-ipa-client-debuginfo rocky-upgrade-ipa-client-epn rocky-upgrade-ipa-client-samba rocky-upgrade-ipa-debuginfo rocky-upgrade-ipa-debugsource rocky-upgrade-ipa-server rocky-upgrade-ipa-server-debuginfo rocky-upgrade-ipa-server-trust-ad rocky-upgrade-ipa-server-trust-ad-debuginfo rocky-upgrade-opendnssec rocky-upgrade-opendnssec-debuginfo rocky-upgrade-opendnssec-debugsource rocky-upgrade-slapi-nis rocky-upgrade-slapi-nis-debuginfo rocky-upgrade-slapi-nis-debugsource rocky-upgrade-softhsm rocky-upgrade-softhsm-debuginfo rocky-upgrade-softhsm-debugsource rocky-upgrade-softhsm-devel References https://attackerkb.com/topics/cve-2024-3183 CVE - 2024-3183 https://errata.rockylinux.org/RLSA-2024:3754 https://errata.rockylinux.org/RLSA-2024:3755

FreeBSD: VID-92CD1C03-2940-11EF-BC02-001B217B3468 (CVE-2024-1736): Gitlab -- Vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 06/12/2024 Created 06/14/2024 Added 06/13/2024 Modified 01/28/2025 Description An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. A vulnerability in GitLab's CI/CD pipeline editor could allow for denial of service attacks through maliciously crafted configuration files. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-1736

Ubuntu: (Multiple Advisories) (CVE-2024-5742): nano vulnerability Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 06/12/2024 Created 10/18/2024 Added 10/17/2024 Modified 01/28/2025 Description A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Solution(s) ubuntu-pro-upgrade-nano References https://attackerkb.com/topics/cve-2024-5742 CVE - 2024-5742 USN-7064-1 USN-7064-2

VMware Photon OS: CVE-2024-5742 Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 06/12/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-5742 CVE - 2024-5742

FreeBSD: VID-92CD1C03-2940-11EF-BC02-001B217B3468 (CVE-2024-1963): Gitlab -- Vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 06/12/2024 Created 06/14/2024 Added 06/13/2024 Modified 01/28/2025 Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. A vulnerability in GitLab's Asana integration allowed an attacker to potentially cause a regular expression denial of service by sending specially crafted requests. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-1963

Red Hat: CVE-2024-5742: nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file (Multiple Advisories) Severity 4 CVSS (AV:L/AC:H/Au:S/C:N/I:C/A:N) Published 06/12/2024 Created 09/26/2024 Added 09/25/2024 Modified 11/13/2024 Description A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Solution(s) redhat-upgrade-nano redhat-upgrade-nano-debuginfo redhat-upgrade-nano-debugsource References CVE-2024-5742 RHSA-2024:6986 RHSA-2024:9430

Google Chrome Vulnerability: CVE-2024-5834 Inappropriate implementation in Dawn Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/12/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-5834 CVE - 2024-5834

Alma Linux: CVE-2024-5742: Low: nano security update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 06/12/2024 Created 09/27/2024 Added 09/26/2024 Modified 01/28/2025 Description A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Solution(s) alma-upgrade-nano References https://attackerkb.com/topics/cve-2024-5742 CVE - 2024-5742 https://errata.almalinux.org/8/ALSA-2024-6986.html https://errata.almalinux.org/9/ALSA-2024-9430.html

Google Chrome Vulnerability: CVE-2023-7011 Inappropriate implementation in Picture in Picture Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 06/11/2024 Created 06/11/2024 Added 06/11/2024 Modified 01/28/2025 Description Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-7011 CVE - 2023-7011

Red Hat: CVE-2024-5693: Mozilla: Cross-Origin Image leak via Offscreen Canvas (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/11/2024 Created 06/19/2024 Added 06/18/2024 Modified 09/03/2024 Description Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2024-5693 RHSA-2024:3949 RHSA-2024:3950 RHSA-2024:3951 RHSA-2024:3954 RHSA-2024:3955 RHSA-2024:4002 RHSA-2024:4004 RHSA-2024:4016 RHSA-2024:4018 RHSA-2024:4036 View more

Google Chrome Vulnerability: CVE-2023-7010 Use after free in WebRTC Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/11/2024 Created 06/11/2024 Added 06/11/2024 Modified 01/28/2025 Description Use after free in WebRTC in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-7010 CVE - 2023-7010

Google Chrome Vulnerability: CVE-2024-3172 Insufficient data validation in DevTools Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/11/2024 Created 06/11/2024 Added 06/11/2024 Modified 01/28/2025 Description Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-3172 CVE - 2024-3172 https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html

Red Hat: CVE-2024-35235: cups: Cupsd Listen arbitrary chmod 0140777 (Multiple Advisories) Severity 4 CVSS (AV:L/AC:L/Au:M/C:C/I:N/A:N) Published 06/11/2024 Created 07/03/2024 Added 07/03/2024 Modified 09/13/2024 Description OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue. Solution(s) redhat-upgrade-cups redhat-upgrade-cups-client redhat-upgrade-cups-client-debuginfo redhat-upgrade-cups-debuginfo redhat-upgrade-cups-debugsource redhat-upgrade-cups-devel redhat-upgrade-cups-filesystem redhat-upgrade-cups-ipptool redhat-upgrade-cups-ipptool-debuginfo redhat-upgrade-cups-libs redhat-upgrade-cups-libs-debuginfo redhat-upgrade-cups-lpd redhat-upgrade-cups-lpd-debuginfo redhat-upgrade-cups-printerapp redhat-upgrade-cups-printerapp-debuginfo References CVE-2024-35235 RHSA-2024:4265 RHSA-2024:4580 RHSA-2024:4776 RHSA-2024:5644

Huawei EulerOS: CVE-2024-35235: cups security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/11/2024 Created 10/10/2024 Added 10/09/2024 Modified 10/09/2024 Description OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue. Solution(s) huawei-euleros-2_0_sp12-upgrade-cups-libs References https://attackerkb.com/topics/cve-2024-35235 CVE - 2024-35235 EulerOS-SA-2024-2523

Red Hat: CVE-2024-5688: Mozilla: Use-after-free in JavaScript object transplant (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/11/2024 Created 06/19/2024 Added 06/18/2024 Modified 09/03/2024 Description If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2024-5688 RHSA-2024:3949 RHSA-2024:3950 RHSA-2024:3951 RHSA-2024:3954 RHSA-2024:3955 RHSA-2024:4002 RHSA-2024:4004 RHSA-2024:4016 RHSA-2024:4018 RHSA-2024:4036 View more

Microsoft Edge Chromium: CVE-2024-5836 Inappropriate Implementation in DevTools Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/11/2024 Created 06/14/2024 Added 06/14/2024 Modified 01/28/2025 Description Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-5836 CVE - 2024-5836 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5836

Microsoft Edge Chromium: CVE-2024-5844 Heap buffer overflow in Tab Strip Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/11/2024 Created 06/14/2024 Added 06/14/2024 Modified 01/28/2025 Description Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-5844 CVE - 2024-5844 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5844

Microsoft Edge Chromium: CVE-2024-5840 Policy Bypass in CORS Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 06/11/2024 Created 06/14/2024 Added 06/14/2024 Modified 01/28/2025 Description Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-5840 CVE - 2024-5840 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5840