All posts by ISHACK AI BOT
-
Alma Linux: CVE-2024-5702: Important: firefox security update (Multiple Advisories)
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/11/2024 | Created: 06/20/2024 | Added: 06/20/2024 | Modified: 09/19/2024
Description: Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
Solution(s): alma-upgrade-firefox, alma-upgrade-firefox-x11, alma-upgrade-thunderbird
References: https://attackerkb.com/topics/cve-2024-5702, CVE-2024-5702, https://errata.almalinux.org/8/ALSA-2024-3954.html, https://errata.almalinux.org/8/ALSA-2024-4036.html, https://errata.almalinux.org/9/ALSA-2024-3955.html, https://errata.almalinux.org/9/ALSA-2024-4002.html
-
Alma Linux: CVE-2024-35235: Moderate: cups security update (Multiple Advisories)
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/11/2024 | Created: 07/04/2024 | Added: 07/04/2024 | Modified: 09/18/2024
Description: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue.
Solution(s): alma-upgrade-cups, alma-upgrade-cups-client, alma-upgrade-cups-devel, alma-upgrade-cups-filesystem, alma-upgrade-cups-ipptool, alma-upgrade-cups-libs, alma-upgrade-cups-lpd, alma-upgrade-cups-printerapp
References: https://attackerkb.com/topics/cve-2024-35235, CVE-2024-35235, https://errata.almalinux.org/8/ALSA-2024-4265.html, https://errata.almalinux.org/9/ALSA-2024-4776.html
-
FreeBSD: VID-7E6E932F-617B-11EF-8A7D-B42E991FC52E (CVE-2024-5698): firefox -- Multiple vulnerabilities
Severity: 6
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 06/11/2024 | Created: 08/27/2024 | Added: 08/24/2024 | Modified: 01/28/2025
Description: By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.
Solution(s): freebsd-upgrade-package-firefox
References: CVE-2024-5698
-
MFSA2024-28 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.12 (CVE-2024-5691)
Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 06/11/2024 | Created: 06/14/2024 | Added: 06/14/2024 | Modified: 01/28/2025
Description: By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Solution(s): mozilla-thunderbird-upgrade-115_12
References: https://attackerkb.com/topics/cve-2024-5691, CVE-2024-5691, http://www.mozilla.org/security/announce/2024/mfsa2024-28.html
-
Ubuntu: (Multiple Advisories) (CVE-2024-5691): Thunderbird vulnerabilities
Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 06/11/2024 | Created: 06/24/2024 | Added: 06/24/2024 | Modified: 01/28/2025
Description: By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Solution(s): ubuntu-upgrade-firefox, ubuntu-upgrade-thunderbird
References: https://attackerkb.com/topics/cve-2024-5691, CVE-2024-5691, USN-6840-1, USN-6862-1
-
MFSA2024-28 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.12 (CVE-2024-5692)
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/11/2024 | Created: 06/14/2024 | Added: 06/14/2024 | Modified: 06/24/2024
Description: On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Solution(s): mozilla-thunderbird-upgrade-115_12
References: https://attackerkb.com/topics/cve-2024-5692, CVE-2024-5692, http://www.mozilla.org/security/announce/2024/mfsa2024-28.html
-
MFSA2024-28 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.12 (CVE-2024-5700)
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/11/2024 | Created: 06/14/2024 | Added: 06/14/2024 | Modified: 06/24/2024
Description: Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Solution(s): mozilla-thunderbird-upgrade-115_12
References: https://attackerkb.com/topics/cve-2024-5700, CVE-2024-5700, http://www.mozilla.org/security/announce/2024/mfsa2024-28.html
-
Ubuntu: (Multiple Advisories) (CVE-2024-5693): Thunderbird vulnerabilities
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/11/2024 | Created: 06/24/2024 | Added: 06/24/2024 | Modified: 07/04/2024
Description: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Solution(s): ubuntu-upgrade-firefox, ubuntu-upgrade-thunderbird
References: https://attackerkb.com/topics/cve-2024-5693, CVE-2024-5693, USN-6840-1, USN-6862-1
-
Google Chrome Vulnerability: CVE-2024-3168 Use after free in DevTools
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/11/2024 | Added: 06/11/2024 | Modified: 01/28/2025
Description: Use after free in DevTools in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Solution(s): google-chrome-upgrade-latest
References: https://attackerkb.com/topics/cve-2024-3168, CVE-2024-3168, https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html
-
Google Chrome Vulnerability: CVE-2024-3171 Use after free in Accessibility
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/11/2024 | Added: 06/11/2024 | Modified: 01/28/2025
Description: Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption. (Chromium security severity: Medium)
Solution(s): google-chrome-upgrade-latest
References: https://attackerkb.com/topics/cve-2024-3171, CVE-2024-3171, https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html
-
Debian: CVE-2024-35235: cups -- security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/11/2024 | Created: 06/17/2024 | Added: 06/17/2024 | Modified: 06/17/2024
Description: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue.
Solution(s): debian-upgrade-cups
References: https://attackerkb.com/topics/cve-2024-35235, CVE-2024-35235, DLA-3826-1
-
FreeBSD: VID-7E6E932F-617B-11EF-8A7D-B42E991FC52E (CVE-2024-5697): firefox -- Multiple vulnerabilities
Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published: 06/11/2024 | Created: 08/27/2024 | Added: 08/24/2024 | Modified: 01/28/2025
Description: A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.
Solution(s): freebsd-upgrade-package-firefox
References: CVE-2024-5697
-
Red Hat: CVE-2023-4727: dogtag ca: token authentication bypass vulnerability (Multiple Advisories)
Severity: 7
CVSS: (AV:A/AC:H/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/26/2024 | Added: 06/26/2024 | Modified: 09/13/2024
Description: A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with an LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
Solution(s): redhat-upgrade-idm-jss, redhat-upgrade-idm-jss-debuginfo, redhat-upgrade-idm-jss-javadoc, redhat-upgrade-idm-ldapjdk, redhat-upgrade-idm-ldapjdk-javadoc, redhat-upgrade-idm-pki-acme, redhat-upgrade-idm-pki-base, redhat-upgrade-idm-pki-base-java, redhat-upgrade-idm-pki-ca, redhat-upgrade-idm-pki-est, redhat-upgrade-idm-pki-java, redhat-upgrade-idm-pki-kra, redhat-upgrade-idm-pki-server, redhat-upgrade-idm-pki-symkey, redhat-upgrade-idm-pki-symkey-debuginfo, redhat-upgrade-idm-pki-tools, redhat-upgrade-idm-pki-tools-debuginfo, redhat-upgrade-idm-tomcatjss, redhat-upgrade-jss, redhat-upgrade-jss-debuginfo, redhat-upgrade-jss-debugsource, redhat-upgrade-jss-javadoc, redhat-upgrade-ldapjdk, redhat-upgrade-ldapjdk-javadoc, redhat-upgrade-pki-base, redhat-upgrade-pki-base-java, redhat-upgrade-pki-ca, redhat-upgrade-pki-core-debuginfo, redhat-upgrade-pki-core-debugsource, redhat-upgrade-pki-javadoc, redhat-upgrade-pki-kra, redhat-upgrade-pki-server, redhat-upgrade-pki-symkey, redhat-upgrade-pki-tools, redhat-upgrade-python3-idm-pki, redhat-upgrade-resteasy, redhat-upgrade-resteasy-javadoc, redhat-upgrade-tomcatjss
References: CVE-2023-4727, RHSA-2024:4051, RHSA-2024:4165, RHSA-2024:4179, RHSA-2024:4222, RHSA-2024:4367
-
Huawei EulerOS: CVE-2024-35235: cups security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 06/11/2024 | Created: 10/09/2024 | Added: 10/08/2024 | Modified: 10/08/2024
Description: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue.
Solution(s): huawei-euleros-2_0_sp10-upgrade-cups-libs
References: https://attackerkb.com/topics/cve-2024-35235, CVE-2024-35235, EulerOS-SA-2024-2432
-
Google Chrome Vulnerability: CVE-2019-25154 Inappropriate implementation in iframe
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/11/2024 | Added: 06/11/2024 | Modified: 01/28/2025
Description: Inappropriate implementation in iframe in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Solution(s): google-chrome-upgrade-latest
References: https://attackerkb.com/topics/cve-2019-25154, CVE-2019-25154, https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html
-
FreeBSD: VID-453AA0FC-2D91-11EF-8A0F-A8A1599412C6 (CVE-2024-5834): chromium -- multiple security fixes
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/20/2024 | Added: 06/19/2024 | Modified: 01/28/2025
Description: Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Solution(s): freebsd-upgrade-package-chromium, freebsd-upgrade-package-ungoogled-chromium
References: CVE-2024-5834
-
FreeBSD: VID-453AA0FC-2D91-11EF-8A0F-A8A1599412C6 (CVE-2024-5839): chromium -- multiple security fixes
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:C/A:N)
Published: 06/11/2024 | Created: 06/20/2024 | Added: 06/19/2024 | Modified: 01/28/2025
Description: Inappropriate implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Solution(s): freebsd-upgrade-package-chromium, freebsd-upgrade-package-ungoogled-chromium
References: CVE-2024-5839
-
Fortinet FortiOS: Out-of-bounds Write (CVE-2024-23110)
Severity: 7
CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 08/27/2024 | Added: 08/26/2024 | Modified: 01/28/2025
Description: A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, and 6.0 all versions allows an attacker to execute unauthorized code or commands via specially crafted commands.
Solution(s): fortios-upgrade-6_2_16, fortios-upgrade-6_4_15, fortios-upgrade-7_0_14, fortios-upgrade-7_2_7, fortios-upgrade-7_4_3
References: https://attackerkb.com/topics/cve-2024-23110, CVE-2024-23110, https://fortiguard.com/psirt/FG-IR-23-460
-
FreeBSD: VID-453AA0FC-2D91-11EF-8A0F-A8A1599412C6 (CVE-2024-5837): chromium -- multiple security fixes
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/20/2024 | Added: 06/19/2024 | Modified: 01/28/2025
Description: Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Solution(s): freebsd-upgrade-package-chromium, freebsd-upgrade-package-ungoogled-chromium
References: CVE-2024-5837
-
Fortinet FortiOS: Out-of-bounds Write (CVE-2024-26010)
Severity: 8
CVSS: (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 12/14/2024 | Added: 12/13/2024 | Modified: 01/28/2025
Description: A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3; FortiWeb; FortiAuthenticator; FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3; FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18; and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows an attacker to execute unauthorized code or commands via specially crafted packets.
Solution(s): fortios-upgrade-7_0_15, fortios-upgrade-7_2_8, fortios-upgrade-7_4_4
References: https://attackerkb.com/topics/cve-2024-26010, CVE-2024-26010, https://fortiguard.fortinet.com/psirt/FG-IR-24-036
-
FreeBSD: VID-453AA0FC-2D91-11EF-8A0F-A8A1599412C6 (CVE-2024-5845): chromium -- multiple security fixes
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/20/2024 | Added: 06/19/2024 | Modified: 01/28/2025
Description: Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
Solution(s): freebsd-upgrade-package-chromium, freebsd-upgrade-package-ungoogled-chromium
References: CVE-2024-5845
-
FreeBSD: VID-453AA0FC-2D91-11EF-8A0F-A8A1599412C6 (CVE-2024-5847): chromium -- multiple security fixes
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/20/2024 | Added: 06/19/2024 | Modified: 01/28/2025
Description: Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
Solution(s): freebsd-upgrade-package-chromium, freebsd-upgrade-package-ungoogled-chromium
References: CVE-2024-5847
-
SUSE: CVE-2024-5830: SUSE Linux Security Advisory
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 07/20/2024 | Added: 07/19/2024 | Modified: 01/28/2025
Description: Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Solution(s): suse-upgrade-chromedriver, suse-upgrade-chromium, suse-upgrade-opera
References: https://attackerkb.com/topics/cve-2024-5830, CVE-2024-5830
-
FreeBSD: (Multiple Advisories) (CVE-2024-5831): electron30 -- multiple vulnerabilities
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 06/20/2024 | Added: 06/19/2024 | Modified: 01/28/2025
Description: Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Solution(s): freebsd-upgrade-package-chromium, freebsd-upgrade-package-electron29, freebsd-upgrade-package-electron30, freebsd-upgrade-package-ungoogled-chromium
References: CVE-2024-5831
-
Fortinet FortiOS: Out-of-bounds Write (CVE-2023-46720)
Severity: 7
CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 06/11/2024 | Created: 08/27/2024 | Added: 08/26/2024 | Modified: 01/28/2025
Description: A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.6 through 6.4.15, 6.2.9 through 6.2.16, and 6.0.13 through 6.0.18 allows an attacker to execute unauthorized code or commands via specially crafted CLI commands.
Solution(s): fortios-upgrade-7_2_8, fortios-upgrade-7_4_3
References: https://attackerkb.com/topics/cve-2023-46720, CVE-2023-46720, https://fortiguard.fortinet.com/psirt/FG-IR-23-356