ISHACK AI BOT

Microsoft Windows: CVE-2024-30019: DHCP Server Service Denial of Service Vulnerability Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description DHCP Server Service Denial of Service Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30019 CVE - 2024-30019 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-30018: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-30018 CVE - 2024-30018 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 View more

Microsoft Windows: CVE-2024-30037: Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description Windows Common Log File System Driver Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30037 CVE - 2024-30037 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-30017: Windows Hyper-V Remote Code Execution Vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows Hyper-V Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-30017 CVE - 2024-30017 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 View more

Microsoft Windows: CVE-2024-30028: Win32k Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description Win32k Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30028 CVE - 2024-30028 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Huawei EulerOS: CVE-2023-52656: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/08/2024 Description In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS, get rid of it. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-52656 CVE - 2023-52656 EulerOS-SA-2024-2207

Microsoft Windows: CVE-2024-30016: Windows Cryptographic Services Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description Windows Cryptographic Services Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30016 CVE - 2024-30016 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Debian: CVE-2024-4854: wireshark -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/01/2024 Description MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file Solution(s) debian-upgrade-wireshark References https://attackerkb.com/topics/cve-2024-4854 CVE - 2024-4854 DLA-3906-1

SUSE: CVE-2024-33875: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/21/2024 Added 06/21/2024 Modified 06/26/2024 Description HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer. Solution(s) suse-upgrade-hdf5-gnu-hpc suse-upgrade-hdf5-gnu-hpc-devel suse-upgrade-hdf5-gnu-mpich-hpc suse-upgrade-hdf5-gnu-mpich-hpc-devel suse-upgrade-hdf5-gnu-mvapich2-hpc suse-upgrade-hdf5-gnu-mvapich2-hpc-devel suse-upgrade-hdf5-gnu-openmpi1-hpc-devel suse-upgrade-hdf5-gnu-openmpi3-hpc suse-upgrade-hdf5-gnu-openmpi3-hpc-devel suse-upgrade-hdf5-gnu-openmpi4-hpc suse-upgrade-hdf5-gnu-openmpi4-hpc-devel suse-upgrade-hdf5-hpc-examples suse-upgrade-hdf5_1_10_11-gnu-hpc suse-upgrade-hdf5_1_10_11-gnu-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-module suse-upgrade-hdf5_1_10_11-hpc-examples suse-upgrade-libhdf5-gnu-hpc suse-upgrade-libhdf5-gnu-mpich-hpc suse-upgrade-libhdf5-gnu-mvapich2-hpc suse-upgrade-libhdf5-gnu-openmpi1-hpc suse-upgrade-libhdf5-gnu-openmpi3-hpc suse-upgrade-libhdf5-gnu-openmpi4-hpc suse-upgrade-libhdf5_1_10_11-gnu-hpc suse-upgrade-libhdf5_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp-gnu-hpc suse-upgrade-libhdf5_cpp-gnu-mpich-hpc suse-upgrade-libhdf5_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran-gnu-hpc suse-upgrade-libhdf5_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl-gnu-hpc suse-upgrade-libhdf5_hl-gnu-mpich-hpc suse-upgrade-libhdf5_hl-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp-gnu-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_fortran-gnu-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libmca_common_dstore1 suse-upgrade-libopenmpi4-gnu-hpc suse-upgrade-libopenmpi_4_1_4-gnu-hpc suse-upgrade-libopenmpi_4_1_6-gnu-hpc suse-upgrade-libpmix2 suse-upgrade-lua51-luaposix suse-upgrade-lua51-luaterm suse-upgrade-lua53-luaposix suse-upgrade-lua53-luaterm suse-upgrade-luaposix-doc suse-upgrade-mpich suse-upgrade-mpich-devel suse-upgrade-mpich-gnu-hpc suse-upgrade-mpich-gnu-hpc-devel suse-upgrade-mpich-gnu-hpc-devel-static suse-upgrade-mpich-gnu-hpc-macros-devel suse-upgrade-mpich-ofi suse-upgrade-mpich-ofi-devel suse-upgrade-mpich-ofi-gnu-hpc suse-upgrade-mpich-ofi-gnu-hpc-devel suse-upgrade-mpich-ofi-gnu-hpc-devel-static suse-upgrade-mpich-ofi-gnu-hpc-macros-devel suse-upgrade-mpich-ofi_4_0_2-gnu-hpc suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-devel suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-devel-static suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-macros-devel suse-upgrade-mpich-ofi_4_1_2-gnu-hpc suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-devel suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-devel-static suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-macros-devel suse-upgrade-mpich_4_0_2-gnu-hpc suse-upgrade-mpich_4_0_2-gnu-hpc-devel suse-upgrade-mpich_4_0_2-gnu-hpc-devel-static suse-upgrade-mpich_4_0_2-gnu-hpc-macros-devel suse-upgrade-mpich_4_1_2-gnu-hpc suse-upgrade-mpich_4_1_2-gnu-hpc-devel suse-upgrade-mpich_4_1_2-gnu-hpc-devel-static suse-upgrade-mpich_4_1_2-gnu-hpc-macros-devel suse-upgrade-mvapich2 suse-upgrade-mvapich2-devel suse-upgrade-mvapich2-devel-static suse-upgrade-mvapich2-doc suse-upgrade-mvapich2-gnu-hpc suse-upgrade-mvapich2-gnu-hpc-devel suse-upgrade-mvapich2-gnu-hpc-doc suse-upgrade-mvapich2-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm suse-upgrade-mvapich2-psm-devel suse-upgrade-mvapich2-psm-devel-static suse-upgrade-mvapich2-psm-doc suse-upgrade-mvapich2-psm-gnu-hpc suse-upgrade-mvapich2-psm-gnu-hpc-devel suse-upgrade-mvapich2-psm-gnu-hpc-doc suse-upgrade-mvapich2-psm-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm2 suse-upgrade-mvapich2-psm2-devel suse-upgrade-mvapich2-psm2-devel-static suse-upgrade-mvapich2-psm2-doc suse-upgrade-mvapich2-psm2-gnu-hpc suse-upgrade-mvapich2-psm2-gnu-hpc-devel suse-upgrade-mvapich2-psm2-gnu-hpc-doc suse-upgrade-mvapich2-psm2-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-macros-devel suse-upgrade-mvapich2_2_3_7-gnu-hpc suse-upgrade-mvapich2_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2_2_3_7-gnu-hpc-macros-devel suse-upgrade-openmpi4 suse-upgrade-openmpi4-config suse-upgrade-openmpi4-devel suse-upgrade-openmpi4-docs suse-upgrade-openmpi4-gnu-hpc suse-upgrade-openmpi4-gnu-hpc-devel suse-upgrade-openmpi4-gnu-hpc-devel-static suse-upgrade-openmpi4-gnu-hpc-docs suse-upgrade-openmpi4-gnu-hpc-macros-devel suse-upgrade-openmpi4-libs suse-upgrade-openmpi4-libs-32bit suse-upgrade-openmpi4-macros-devel suse-upgrade-openmpi4-testsuite suse-upgrade-openmpi_4_1_4-gnu-hpc suse-upgrade-openmpi_4_1_4-gnu-hpc-devel suse-upgrade-openmpi_4_1_4-gnu-hpc-devel-static suse-upgrade-openmpi_4_1_4-gnu-hpc-docs suse-upgrade-openmpi_4_1_4-gnu-hpc-macros-devel suse-upgrade-openmpi_4_1_4-gnu-hpc-testsuite suse-upgrade-openmpi_4_1_6-gnu-hpc suse-upgrade-openmpi_4_1_6-gnu-hpc-devel suse-upgrade-openmpi_4_1_6-gnu-hpc-devel-static suse-upgrade-openmpi_4_1_6-gnu-hpc-docs suse-upgrade-openmpi_4_1_6-gnu-hpc-macros-devel suse-upgrade-openmpi_4_1_6-gnu-hpc-testsuite suse-upgrade-pmix suse-upgrade-pmix-devel suse-upgrade-pmix-headers suse-upgrade-pmix-mca-params suse-upgrade-pmix-plugin-munge suse-upgrade-pmix-plugins suse-upgrade-pmix-test References https://attackerkb.com/topics/cve-2024-33875 CVE - 2024-33875

SUSE: CVE-2024-27399: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/14/2024 Added 06/13/2024 Modified 08/28/2024 Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be set to null. But the conn could be dereferenced again in the mutex_lock() of l2cap_chan_timeout(). As a result the null pointer dereference bug will happen. The KASAN report triggered by POC is shown below: [472.074580] ================================================================== [472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0 [472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7 [472.075308] [472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36 [472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4 [472.075308] Workqueue: events l2cap_chan_timeout [472.075308] Call Trace: [472.075308]<TASK> [472.075308]dump_stack_lvl+0x137/0x1a0 [472.075308]print_report+0x101/0x250 [472.075308]? __virt_addr_valid+0x77/0x160 [472.075308]? mutex_lock+0x68/0xc0 [472.075308]kasan_report+0x139/0x170 [472.075308]? mutex_lock+0x68/0xc0 [472.075308]kasan_check_range+0x2c3/0x2e0 [472.075308]mutex_lock+0x68/0xc0 [472.075308]l2cap_chan_timeout+0x181/0x300 [472.075308]process_one_work+0x5d2/0xe00 [472.075308]worker_thread+0xe1d/0x1660 [472.075308]? pr_cont_work+0x5e0/0x5e0 [472.075308]kthread+0x2b7/0x350 [472.075308]? pr_cont_work+0x5e0/0x5e0 [472.075308]? kthread_blkcg+0xd0/0xd0 [472.075308]ret_from_fork+0x4d/0x80 [472.075308]? kthread_blkcg+0xd0/0xd0 [472.075308]ret_from_fork_asm+0x11/0x20 [472.075308]</TASK> [472.075308] ================================================================== [472.094860] Disabling lock debugging due to kernel taint [472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158 [472.096136] #PF: supervisor write access in kernel mode [472.096136] #PF: error_code(0x0002) - not-present page [472.096136] PGD 0 P4D 0 [472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI [472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: GB6.9.0-rc5-00356-g78c0094a146b #36 [472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4 [472.096136] Workqueue: events l2cap_chan_timeout [472.096136] RIP: 0010:mutex_lock+0x88/0xc0 [472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88 [472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246 [472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865 [472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78 [472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f [472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000 [472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00 [472.096136] FS:0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000 [472.096136] CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0 [472.096136] Call Trace: [472.096136]<TASK> [472.096136]? __die_body+0x8d/0xe0 [472.096136]? page_fault_oops+0x6b8/0x9a0 [472.096136]? kernelmode_fixup_or_oops+0x20c/0x2a0 [472.096136]? do_user_addr_fault+0x1027/0x1340 [472.096136]? _printk+0x7a/0xa0 [472.096136]? mutex_lock+0x68/0xc0 [472.096136]? add_taint+0x42/0xd0 [472.096136]? exc_page_fault+0x6a/0x1b0 [472.096136]? asm_exc_page_fault+0x26/0x30 [472.096136]? mutex_lock+0x75/0xc0 [472.096136]? mutex_lock+0x88/0xc0 [472.096136]? mutex_lock+0x75/0xc0 [472.096136]l2cap_chan_timeo ---truncated--- Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2024-27399 CVE - 2024-27399

Amazon Linux AMI 2: CVE-2024-4777: Security patch for firefox, thunderbird (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2024-4777 AL2/ALAS-2024-2561 AL2/ALASFIREFOX-2024-025 CVE - 2024-4777

Amazon Linux AMI 2: CVE-2024-4367: Security patch for firefox, thunderbird (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 06/13/2024 Added 06/12/2024 Modified 01/28/2025 Description A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2024-4367 AL2/ALAS-2024-2561 AL2/ALASFIREFOX-2024-025 CVE - 2024-4367

Oracle Linux: CVE-2024-32020: ELSA-2024-4083:git security update (IMPORTANT) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:H/Au:S/C:N/I:P/A:P) Published 05/14/2024 Created 06/27/2024 Added 06/25/2024 Modified 01/07/2025 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository&apos;s object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a &quot;proper&quot; clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. A vulnerability was found in Git. This flaw allows an unauthenticated attacker to place a specialized repository on their target&apos;s local system. For performance reasons, Git uses hardlinks when cloning a repository located on the same disk. However, if the repo being cloned is owned by a different user, this can introduce a security risk. At any time in the future, the original repo owner could rewrite the hardlinked files in the cloned user&apos;s repo. Solution(s) oracle-linux-upgrade-git oracle-linux-upgrade-git-all oracle-linux-upgrade-git-core oracle-linux-upgrade-git-core-doc oracle-linux-upgrade-git-credential-libsecret oracle-linux-upgrade-git-daemon oracle-linux-upgrade-git-email oracle-linux-upgrade-git-gui oracle-linux-upgrade-git-instaweb oracle-linux-upgrade-gitk oracle-linux-upgrade-git-subtree oracle-linux-upgrade-git-svn oracle-linux-upgrade-gitweb oracle-linux-upgrade-perl-git oracle-linux-upgrade-perl-git-svn References https://attackerkb.com/topics/cve-2024-32020 CVE - 2024-32020 ELSA-2024-4083 ELSA-2024-4084

Oracle Linux: CVE-2024-32021: ELSA-2024-4083:git security update (IMPORTANT) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:H/Au:S/C:N/I:P/A:P) Published 05/14/2024 Created 06/27/2024 Added 06/25/2024 Modified 01/07/2025 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository&apos;s `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. A vulnerability was found in Git. This flaw allows an unauthenticated attacker to place a repository on their target&apos;s local system that contains symlinks. During the cloning process, Git could be tricked into creating hardlinked arbitrary files into their repository&apos;s objects/ directory, impacting availability and integrity. Solution(s) oracle-linux-upgrade-git oracle-linux-upgrade-git-all oracle-linux-upgrade-git-core oracle-linux-upgrade-git-core-doc oracle-linux-upgrade-git-credential-libsecret oracle-linux-upgrade-git-daemon oracle-linux-upgrade-git-email oracle-linux-upgrade-git-gui oracle-linux-upgrade-git-instaweb oracle-linux-upgrade-gitk oracle-linux-upgrade-git-subtree oracle-linux-upgrade-git-svn oracle-linux-upgrade-gitweb oracle-linux-upgrade-perl-git oracle-linux-upgrade-perl-git-svn References https://attackerkb.com/topics/cve-2024-32021 CVE - 2024-32021 ELSA-2024-4083 ELSA-2024-4084

Amazon Linux AMI 2: CVE-2024-4317: Security patch for postgresql (ALASPOSTGRESQL14-2024-011) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/13/2024 Added 06/12/2024 Modified 02/14/2025 Description Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Installing an unaffected version only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after installing that version. Current PostgreSQL installations will remain vulnerable until they follow the instructions in the release notes. Within major versions 14-16, minor versions before PostgreSQL 16.3, 15.7, and 14.12 are affected. Versions before PostgreSQL 14 are unaffected. Solution(s) amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-4317 AL2/ALASPOSTGRESQL14-2024-011 CVE - 2024-4317

Amazon Linux AMI 2: CVE-2024-4770: Security patch for firefox, thunderbird (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/13/2024 Added 06/12/2024 Modified 06/13/2024 Description When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2024-4770 AL2/ALAS-2024-2561 AL2/ALASFIREFOX-2024-025 CVE - 2024-4770

SUSE: CVE-2024-33874: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/21/2024 Added 06/21/2024 Modified 06/26/2024 Description HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c. Solution(s) suse-upgrade-hdf5-gnu-hpc suse-upgrade-hdf5-gnu-hpc-devel suse-upgrade-hdf5-gnu-mpich-hpc suse-upgrade-hdf5-gnu-mpich-hpc-devel suse-upgrade-hdf5-gnu-mvapich2-hpc suse-upgrade-hdf5-gnu-mvapich2-hpc-devel suse-upgrade-hdf5-gnu-openmpi1-hpc-devel suse-upgrade-hdf5-gnu-openmpi3-hpc suse-upgrade-hdf5-gnu-openmpi3-hpc-devel suse-upgrade-hdf5-gnu-openmpi4-hpc suse-upgrade-hdf5-gnu-openmpi4-hpc-devel suse-upgrade-hdf5-hpc-examples suse-upgrade-hdf5_1_10_11-gnu-hpc suse-upgrade-hdf5_1_10_11-gnu-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-module suse-upgrade-hdf5_1_10_11-hpc-examples suse-upgrade-libhdf5-gnu-hpc suse-upgrade-libhdf5-gnu-mpich-hpc suse-upgrade-libhdf5-gnu-mvapich2-hpc suse-upgrade-libhdf5-gnu-openmpi1-hpc suse-upgrade-libhdf5-gnu-openmpi3-hpc suse-upgrade-libhdf5-gnu-openmpi4-hpc suse-upgrade-libhdf5_1_10_11-gnu-hpc suse-upgrade-libhdf5_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp-gnu-hpc suse-upgrade-libhdf5_cpp-gnu-mpich-hpc suse-upgrade-libhdf5_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran-gnu-hpc suse-upgrade-libhdf5_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl-gnu-hpc suse-upgrade-libhdf5_hl-gnu-mpich-hpc suse-upgrade-libhdf5_hl-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp-gnu-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_fortran-gnu-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libmca_common_dstore1 suse-upgrade-libopenmpi4-gnu-hpc suse-upgrade-libopenmpi_4_1_4-gnu-hpc suse-upgrade-libopenmpi_4_1_6-gnu-hpc suse-upgrade-libpmix2 suse-upgrade-lua51-luaposix suse-upgrade-lua51-luaterm suse-upgrade-lua53-luaposix suse-upgrade-lua53-luaterm suse-upgrade-luaposix-doc suse-upgrade-mpich suse-upgrade-mpich-devel suse-upgrade-mpich-gnu-hpc suse-upgrade-mpich-gnu-hpc-devel suse-upgrade-mpich-gnu-hpc-devel-static suse-upgrade-mpich-gnu-hpc-macros-devel suse-upgrade-mpich-ofi suse-upgrade-mpich-ofi-devel suse-upgrade-mpich-ofi-gnu-hpc suse-upgrade-mpich-ofi-gnu-hpc-devel suse-upgrade-mpich-ofi-gnu-hpc-devel-static suse-upgrade-mpich-ofi-gnu-hpc-macros-devel suse-upgrade-mpich-ofi_4_0_2-gnu-hpc suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-devel suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-devel-static suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-macros-devel suse-upgrade-mpich-ofi_4_1_2-gnu-hpc suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-devel suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-devel-static suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-macros-devel suse-upgrade-mpich_4_0_2-gnu-hpc suse-upgrade-mpich_4_0_2-gnu-hpc-devel suse-upgrade-mpich_4_0_2-gnu-hpc-devel-static suse-upgrade-mpich_4_0_2-gnu-hpc-macros-devel suse-upgrade-mpich_4_1_2-gnu-hpc suse-upgrade-mpich_4_1_2-gnu-hpc-devel suse-upgrade-mpich_4_1_2-gnu-hpc-devel-static suse-upgrade-mpich_4_1_2-gnu-hpc-macros-devel suse-upgrade-mvapich2 suse-upgrade-mvapich2-devel suse-upgrade-mvapich2-devel-static suse-upgrade-mvapich2-doc suse-upgrade-mvapich2-gnu-hpc suse-upgrade-mvapich2-gnu-hpc-devel suse-upgrade-mvapich2-gnu-hpc-doc suse-upgrade-mvapich2-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm suse-upgrade-mvapich2-psm-devel suse-upgrade-mvapich2-psm-devel-static suse-upgrade-mvapich2-psm-doc suse-upgrade-mvapich2-psm-gnu-hpc suse-upgrade-mvapich2-psm-gnu-hpc-devel suse-upgrade-mvapich2-psm-gnu-hpc-doc suse-upgrade-mvapich2-psm-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm2 suse-upgrade-mvapich2-psm2-devel suse-upgrade-mvapich2-psm2-devel-static suse-upgrade-mvapich2-psm2-doc suse-upgrade-mvapich2-psm2-gnu-hpc suse-upgrade-mvapich2-psm2-gnu-hpc-devel suse-upgrade-mvapich2-psm2-gnu-hpc-doc suse-upgrade-mvapich2-psm2-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-macros-devel suse-upgrade-mvapich2_2_3_7-gnu-hpc suse-upgrade-mvapich2_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2_2_3_7-gnu-hpc-macros-devel suse-upgrade-openmpi4 suse-upgrade-openmpi4-config suse-upgrade-openmpi4-devel suse-upgrade-openmpi4-docs suse-upgrade-openmpi4-gnu-hpc suse-upgrade-openmpi4-gnu-hpc-devel suse-upgrade-openmpi4-gnu-hpc-devel-static suse-upgrade-openmpi4-gnu-hpc-docs suse-upgrade-openmpi4-gnu-hpc-macros-devel suse-upgrade-openmpi4-libs suse-upgrade-openmpi4-libs-32bit suse-upgrade-openmpi4-macros-devel suse-upgrade-openmpi4-testsuite suse-upgrade-openmpi_4_1_4-gnu-hpc suse-upgrade-openmpi_4_1_4-gnu-hpc-devel suse-upgrade-openmpi_4_1_4-gnu-hpc-devel-static suse-upgrade-openmpi_4_1_4-gnu-hpc-docs suse-upgrade-openmpi_4_1_4-gnu-hpc-macros-devel suse-upgrade-openmpi_4_1_4-gnu-hpc-testsuite suse-upgrade-openmpi_4_1_6-gnu-hpc suse-upgrade-openmpi_4_1_6-gnu-hpc-devel suse-upgrade-openmpi_4_1_6-gnu-hpc-devel-static suse-upgrade-openmpi_4_1_6-gnu-hpc-docs suse-upgrade-openmpi_4_1_6-gnu-hpc-macros-devel suse-upgrade-openmpi_4_1_6-gnu-hpc-testsuite suse-upgrade-pmix suse-upgrade-pmix-devel suse-upgrade-pmix-headers suse-upgrade-pmix-mca-params suse-upgrade-pmix-plugin-munge suse-upgrade-pmix-plugins suse-upgrade-pmix-test References https://attackerkb.com/topics/cve-2024-33874 CVE - 2024-33874

SUSE: CVE-2024-4767: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/21/2024 Added 05/20/2024 Modified 05/31/2024 Description If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-4767 CVE - 2024-4767

SUSE: CVE-2024-4769: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/21/2024 Added 05/20/2024 Modified 05/31/2024 Description When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses.This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-4769 CVE - 2024-4769

Amazon Linux AMI 2: CVE-2024-4767: Security patch for firefox, thunderbird (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/13/2024 Added 06/12/2024 Modified 06/13/2024 Description If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2024-4767 AL2/ALAS-2024-2561 AL2/ALASFIREFOX-2024-025 CVE - 2024-4767

SUSE: CVE-2024-4367: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/21/2024 Added 05/20/2024 Modified 01/28/2025 Description A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-4367 CVE - 2024-4367

Oracle Linux: CVE-2024-32002: ELSA-2024-4083:git security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 06/27/2024 Added 06/25/2024 Modified 01/07/2025 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule&apos;s worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won&apos;t work. As always, it is best to avoid cloning repositories from untrusted sources. A vulnerability was found in Git. This vulnerability allows the malicious manipulation of repositories containing submodules, exploiting a bug that enables the writing of files into the .git/ directory instead of the submodule&apos;s intended worktree. This manipulation facilitates the execution of arbitrary code during the cloning process, bypassing user inspection and control. Solution(s) oracle-linux-upgrade-git oracle-linux-upgrade-git-all oracle-linux-upgrade-git-core oracle-linux-upgrade-git-core-doc oracle-linux-upgrade-git-credential-libsecret oracle-linux-upgrade-git-daemon oracle-linux-upgrade-git-email oracle-linux-upgrade-git-gui oracle-linux-upgrade-git-instaweb oracle-linux-upgrade-gitk oracle-linux-upgrade-git-subtree oracle-linux-upgrade-git-svn oracle-linux-upgrade-gitweb oracle-linux-upgrade-perl-git oracle-linux-upgrade-perl-git-svn References https://attackerkb.com/topics/cve-2024-32002 CVE - 2024-32002 ELSA-2024-4083 ELSA-2024-4084

SUSE: CVE-2024-4777: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/21/2024 Added 05/20/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-4777 CVE - 2024-4777

SUSE: CVE-2024-4317: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/16/2024 Added 05/16/2024 Modified 02/14/2025 Description Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Installing an unaffected version only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after installing that version. Current PostgreSQL installations will remain vulnerable until they follow the instructions in the release notes. Within major versions 14-16, minor versions before PostgreSQL 16.3, 15.7, and 14.12 are affected. Versions before PostgreSQL 14 are unaffected. Solution(s) suse-upgrade-libecpg6 suse-upgrade-libecpg6-32bit suse-upgrade-libpq5 suse-upgrade-libpq5-32bit suse-upgrade-postgresql14 suse-upgrade-postgresql14-contrib suse-upgrade-postgresql14-devel suse-upgrade-postgresql14-docs suse-upgrade-postgresql14-llvmjit suse-upgrade-postgresql14-llvmjit-devel suse-upgrade-postgresql14-plperl suse-upgrade-postgresql14-plpython suse-upgrade-postgresql14-pltcl suse-upgrade-postgresql14-server suse-upgrade-postgresql14-server-devel suse-upgrade-postgresql14-test suse-upgrade-postgresql15 suse-upgrade-postgresql15-contrib suse-upgrade-postgresql15-devel suse-upgrade-postgresql15-docs suse-upgrade-postgresql15-llvmjit suse-upgrade-postgresql15-llvmjit-devel suse-upgrade-postgresql15-plperl suse-upgrade-postgresql15-plpython suse-upgrade-postgresql15-pltcl suse-upgrade-postgresql15-server suse-upgrade-postgresql15-server-devel suse-upgrade-postgresql15-test suse-upgrade-postgresql16 suse-upgrade-postgresql16-contrib suse-upgrade-postgresql16-devel suse-upgrade-postgresql16-devel-mini suse-upgrade-postgresql16-docs suse-upgrade-postgresql16-llvmjit suse-upgrade-postgresql16-llvmjit-devel suse-upgrade-postgresql16-plperl suse-upgrade-postgresql16-plpython suse-upgrade-postgresql16-pltcl suse-upgrade-postgresql16-server suse-upgrade-postgresql16-server-devel suse-upgrade-postgresql16-test References https://attackerkb.com/topics/cve-2024-4317 CVE - 2024-4317

SUSE: CVE-2024-4068: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 10/31/2024 Added 10/30/2024 Modified 01/30/2025 Description The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash. Solution(s) suse-upgrade-pgadmin4 suse-upgrade-pgadmin4-cloud suse-upgrade-pgadmin4-desktop suse-upgrade-pgadmin4-doc suse-upgrade-pgadmin4-web-uwsgi suse-upgrade-system-user-pgadmin suse-upgrade-system-user-velociraptor suse-upgrade-velociraptor suse-upgrade-velociraptor-client References https://attackerkb.com/topics/cve-2024-4068 CVE - 2024-4068