ISHACK AI BOT

Fortinet FortiOS: Unspecified Security Vulnerability (CVE-2023-46714) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 05/14/2024 Created 05/28/2024 Added 05/28/2024 Modified 01/28/2025 Description A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests. Solution(s) fortios-upgrade-latest References https://attackerkb.com/topics/cve-2023-46714 CVE - 2023-46714 https://fortiguard.com/psirt/FG-IR-23-415

Fortinet FortiOS: Unspecified Security Vulnerability (CVE-2024-26007) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/14/2024 Created 12/14/2024 Added 12/13/2024 Modified 01/28/2025 Description An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests. Solution(s) fortios-upgrade-latest References https://attackerkb.com/topics/cve-2024-26007 CVE - 2024-26007 https://fortiguard.com/psirt/FG-IR-24-017

FreeBSD: VID-F393B5A7-1535-11EF-8064-C5610A6EFFFB (CVE-2024-35312): Arti -- Security issues related to circuit construction Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/22/2024 Added 05/18/2024 Modified 05/18/2024 Description In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003. Solution(s) freebsd-upgrade-package-arti References CVE-2024-35312

FreeBSD: VID-F393B5A7-1535-11EF-8064-C5610A6EFFFB (CVE-2024-35313): Arti -- Security issues related to circuit construction Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/22/2024 Added 05/18/2024 Modified 05/18/2024 Description In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 (with full vanguards), aka TROVE-2024-004. Solution(s) freebsd-upgrade-package-arti References CVE-2024-35313

Oracle Linux: CVE-2024-4768: ELSA-2024-2883:firefox security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 05/14/2024 Created 05/21/2024 Added 05/17/2024 Modified 01/07/2025 Description A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-4768 CVE - 2024-4768 ELSA-2024-2883 ELSA-2024-2881 ELSA-2024-2888 ELSA-2024-3783 ELSA-2024-2913 ELSA-2024-3784 View more

Ubuntu: (Multiple Advisories) (CVE-2024-4776): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/28/2024 Added 05/28/2024 Modified 07/03/2024 Description A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox < 126. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2024-4776 CVE - 2024-4776 USN-6779-1 USN-6779-2

SUSE: CVE-2024-29158: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/21/2024 Added 06/21/2024 Modified 06/26/2024 Description HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Solution(s) suse-upgrade-hdf5-gnu-hpc suse-upgrade-hdf5-gnu-hpc-devel suse-upgrade-hdf5-gnu-mpich-hpc suse-upgrade-hdf5-gnu-mpich-hpc-devel suse-upgrade-hdf5-gnu-mvapich2-hpc suse-upgrade-hdf5-gnu-mvapich2-hpc-devel suse-upgrade-hdf5-gnu-openmpi1-hpc-devel suse-upgrade-hdf5-gnu-openmpi3-hpc suse-upgrade-hdf5-gnu-openmpi3-hpc-devel suse-upgrade-hdf5-gnu-openmpi4-hpc suse-upgrade-hdf5-gnu-openmpi4-hpc-devel suse-upgrade-hdf5-hpc-examples suse-upgrade-hdf5_1_10_11-gnu-hpc suse-upgrade-hdf5_1_10_11-gnu-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-module suse-upgrade-hdf5_1_10_11-hpc-examples suse-upgrade-libhdf5-gnu-hpc suse-upgrade-libhdf5-gnu-mpich-hpc suse-upgrade-libhdf5-gnu-mvapich2-hpc suse-upgrade-libhdf5-gnu-openmpi1-hpc suse-upgrade-libhdf5-gnu-openmpi3-hpc suse-upgrade-libhdf5-gnu-openmpi4-hpc suse-upgrade-libhdf5_1_10_11-gnu-hpc suse-upgrade-libhdf5_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp-gnu-hpc suse-upgrade-libhdf5_cpp-gnu-mpich-hpc suse-upgrade-libhdf5_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran-gnu-hpc suse-upgrade-libhdf5_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl-gnu-hpc suse-upgrade-libhdf5_hl-gnu-mpich-hpc suse-upgrade-libhdf5_hl-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp-gnu-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_fortran-gnu-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libmca_common_dstore1 suse-upgrade-libopenmpi4-gnu-hpc suse-upgrade-libopenmpi_4_1_4-gnu-hpc suse-upgrade-libopenmpi_4_1_6-gnu-hpc suse-upgrade-libpmix2 suse-upgrade-lua51-luaposix suse-upgrade-lua51-luaterm suse-upgrade-lua53-luaposix suse-upgrade-lua53-luaterm suse-upgrade-luaposix-doc suse-upgrade-mpich suse-upgrade-mpich-devel suse-upgrade-mpich-gnu-hpc suse-upgrade-mpich-gnu-hpc-devel suse-upgrade-mpich-gnu-hpc-devel-static suse-upgrade-mpich-gnu-hpc-macros-devel suse-upgrade-mpich-ofi suse-upgrade-mpich-ofi-devel suse-upgrade-mpich-ofi-gnu-hpc suse-upgrade-mpich-ofi-gnu-hpc-devel suse-upgrade-mpich-ofi-gnu-hpc-devel-static suse-upgrade-mpich-ofi-gnu-hpc-macros-devel suse-upgrade-mpich-ofi_4_0_2-gnu-hpc suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-devel suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-devel-static suse-upgrade-mpich-ofi_4_0_2-gnu-hpc-macros-devel suse-upgrade-mpich-ofi_4_1_2-gnu-hpc suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-devel suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-devel-static suse-upgrade-mpich-ofi_4_1_2-gnu-hpc-macros-devel suse-upgrade-mpich_4_0_2-gnu-hpc suse-upgrade-mpich_4_0_2-gnu-hpc-devel suse-upgrade-mpich_4_0_2-gnu-hpc-devel-static suse-upgrade-mpich_4_0_2-gnu-hpc-macros-devel suse-upgrade-mpich_4_1_2-gnu-hpc suse-upgrade-mpich_4_1_2-gnu-hpc-devel suse-upgrade-mpich_4_1_2-gnu-hpc-devel-static suse-upgrade-mpich_4_1_2-gnu-hpc-macros-devel suse-upgrade-mvapich2 suse-upgrade-mvapich2-devel suse-upgrade-mvapich2-devel-static suse-upgrade-mvapich2-doc suse-upgrade-mvapich2-gnu-hpc suse-upgrade-mvapich2-gnu-hpc-devel suse-upgrade-mvapich2-gnu-hpc-doc suse-upgrade-mvapich2-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm suse-upgrade-mvapich2-psm-devel suse-upgrade-mvapich2-psm-devel-static suse-upgrade-mvapich2-psm-doc suse-upgrade-mvapich2-psm-gnu-hpc suse-upgrade-mvapich2-psm-gnu-hpc-devel suse-upgrade-mvapich2-psm-gnu-hpc-doc suse-upgrade-mvapich2-psm-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm2 suse-upgrade-mvapich2-psm2-devel suse-upgrade-mvapich2-psm2-devel-static suse-upgrade-mvapich2-psm2-doc suse-upgrade-mvapich2-psm2-gnu-hpc suse-upgrade-mvapich2-psm2-gnu-hpc-devel suse-upgrade-mvapich2-psm2-gnu-hpc-doc suse-upgrade-mvapich2-psm2-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2-psm2_2_3_7-gnu-hpc-macros-devel suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2-psm_2_3_7-gnu-hpc-macros-devel suse-upgrade-mvapich2_2_3_7-gnu-hpc suse-upgrade-mvapich2_2_3_7-gnu-hpc-devel suse-upgrade-mvapich2_2_3_7-gnu-hpc-devel-static suse-upgrade-mvapich2_2_3_7-gnu-hpc-doc suse-upgrade-mvapich2_2_3_7-gnu-hpc-macros-devel suse-upgrade-openmpi4 suse-upgrade-openmpi4-config suse-upgrade-openmpi4-devel suse-upgrade-openmpi4-docs suse-upgrade-openmpi4-gnu-hpc suse-upgrade-openmpi4-gnu-hpc-devel suse-upgrade-openmpi4-gnu-hpc-devel-static suse-upgrade-openmpi4-gnu-hpc-docs suse-upgrade-openmpi4-gnu-hpc-macros-devel suse-upgrade-openmpi4-libs suse-upgrade-openmpi4-libs-32bit suse-upgrade-openmpi4-macros-devel suse-upgrade-openmpi4-testsuite suse-upgrade-openmpi_4_1_4-gnu-hpc suse-upgrade-openmpi_4_1_4-gnu-hpc-devel suse-upgrade-openmpi_4_1_4-gnu-hpc-devel-static suse-upgrade-openmpi_4_1_4-gnu-hpc-docs suse-upgrade-openmpi_4_1_4-gnu-hpc-macros-devel suse-upgrade-openmpi_4_1_4-gnu-hpc-testsuite suse-upgrade-openmpi_4_1_6-gnu-hpc suse-upgrade-openmpi_4_1_6-gnu-hpc-devel suse-upgrade-openmpi_4_1_6-gnu-hpc-devel-static suse-upgrade-openmpi_4_1_6-gnu-hpc-docs suse-upgrade-openmpi_4_1_6-gnu-hpc-macros-devel suse-upgrade-openmpi_4_1_6-gnu-hpc-testsuite suse-upgrade-pmix suse-upgrade-pmix-devel suse-upgrade-pmix-headers suse-upgrade-pmix-mca-params suse-upgrade-pmix-plugin-munge suse-upgrade-pmix-plugins suse-upgrade-pmix-test References https://attackerkb.com/topics/cve-2024-29158 CVE - 2024-29158

Oracle Linux: CVE-2024-4770: ELSA-2024-2883:firefox security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 05/14/2024 Created 05/21/2024 Added 05/17/2024 Modified 01/07/2025 Description When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox &lt; 126, Firefox ESR &lt; 115.11, and Thunderbird &lt; 115.11. A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. Solution(s) oracle-linux-upgrade-firefox oracle-linux-upgrade-firefox-x11 oracle-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-4770 CVE - 2024-4770 ELSA-2024-2883 ELSA-2024-2881 ELSA-2024-2888 ELSA-2024-3783 ELSA-2024-2913 ELSA-2024-3784 View more

Ubuntu: (Multiple Advisories) (CVE-2024-4777): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/28/2024 Added 05/28/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-4777 CVE - 2024-4777 USN-6779-1 USN-6779-2 USN-6782-1

SUSE: CVE-2024-29039: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 07/01/2024 Description tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file.As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7. Solution(s) suse-upgrade-tpm2-0-tools References https://attackerkb.com/topics/cve-2024-29039 CVE - 2024-29039

APSB24-29:Adobe Acrobat and Reader for Windows and macOS (CVE-2024-34094) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2024-34094 CVE - 2024-34094 https://helpx.adobe.com/security/products/reader/apsb24-29.html

Ubuntu: (Multiple Advisories) (CVE-2024-4770): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/28/2024 Added 05/28/2024 Modified 07/03/2024 Description When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-4770 CVE - 2024-4770 USN-6779-1 USN-6779-2 USN-6782-1

Adobe Animate: CVE-2024-30293: Security updates available for Adobe Animate (APSB24-36) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2024-30293 CVE - 2024-30293 https://helpx.adobe.com/security/products/animate/apsb24-36.html

Ubuntu: (Multiple Advisories) (CVE-2024-4778): Firefox vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/28/2024 Added 05/28/2024 Modified 07/03/2024 Description Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2024-4778 CVE - 2024-4778 USN-6779-1 USN-6779-2

Adobe Acrobat: CVE-2024-34099: Security updates available for Adobe Acrobat and Reader (APSB24-29) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2024-34099 https://helpx.adobe.com/security/products/acrobat/apsb24-29.html CVE - 2024-34099

Ubuntu: (Multiple Advisories) (CVE-2024-27398): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection is timeout. The sock will be deallocated later, but it is dereferenced again in sco_sock_timeout. As a result, the use-after-free bugs will happen. The root cause is shown below: Cleanup Thread |Worker Thread sco_sock_release | sco_sock_close | __sco_sock_close | sco_sock_set_timer | schedule_delayed_work| sco_sock_kill|(wait a time) sock_put(sk) //FREE|sco_sock_timeout |sock_hold(sk) //USE The KASAN report triggered by POC is shown below: [ 95.890016] ================================================================== [ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0 [ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7 ... [ 95.890755] Workqueue: events sco_sock_timeout [ 95.890755] Call Trace: [ 95.890755]<TASK> [ 95.890755]dump_stack_lvl+0x45/0x110 [ 95.890755]print_address_description+0x78/0x390 [ 95.890755]print_report+0x11b/0x250 [ 95.890755]? __virt_addr_valid+0xbe/0xf0 [ 95.890755]? sco_sock_timeout+0x5e/0x1c0 [ 95.890755]kasan_report+0x139/0x170 [ 95.890755]? update_load_avg+0xe5/0x9f0 [ 95.890755]? sco_sock_timeout+0x5e/0x1c0 [ 95.890755]kasan_check_range+0x2c3/0x2e0 [ 95.890755]sco_sock_timeout+0x5e/0x1c0 [ 95.890755]process_one_work+0x561/0xc50 [ 95.890755]worker_thread+0xab2/0x13c0 [ 95.890755]? pr_cont_work+0x490/0x490 [ 95.890755]kthread+0x279/0x300 [ 95.890755]? pr_cont_work+0x490/0x490 [ 95.890755]? kthread_blkcg+0xa0/0xa0 [ 95.890755]ret_from_fork+0x34/0x60 [ 95.890755]? kthread_blkcg+0xa0/0xa0 [ 95.890755]ret_from_fork_asm+0x11/0x20 [ 95.890755]</TASK> [ 95.890755] [ 95.890755] Allocated by task 506: [ 95.890755]kasan_save_track+0x3f/0x70 [ 95.890755]__kasan_kmalloc+0x86/0x90 [ 95.890755]__kmalloc+0x17f/0x360 [ 95.890755]sk_prot_alloc+0xe1/0x1a0 [ 95.890755]sk_alloc+0x31/0x4e0 [ 95.890755]bt_sock_alloc+0x2b/0x2a0 [ 95.890755]sco_sock_create+0xad/0x320 [ 95.890755]bt_sock_create+0x145/0x320 [ 95.890755]__sock_create+0x2e1/0x650 [ 95.890755]__sys_socket+0xd0/0x280 [ 95.890755]__x64_sys_socket+0x75/0x80 [ 95.890755]do_syscall_64+0xc4/0x1b0 [ 95.890755]entry_SYSCALL_64_after_hwframe+0x67/0x6f [ 95.890755] [ 95.890755] Freed by task 506: [ 95.890755]kasan_save_track+0x3f/0x70 [ 95.890755]kasan_save_free_info+0x40/0x50 [ 95.890755]poison_slab_object+0x118/0x180 [ 95.890755]__kasan_slab_free+0x12/0x30 [ 95.890755]kfree+0xb2/0x240 [ 95.890755]__sk_destruct+0x317/0x410 [ 95.890755]sco_sock_release+0x232/0x280 [ 95.890755]sock_close+0xb2/0x210 [ 95.890755]__fput+0x37f/0x770 [ 95.890755]task_work_run+0x1ae/0x210 [ 95.890755]get_signal+0xe17/0xf70 [ 95.890755]arch_do_signal_or_restart+0x3f/0x520 [ 95.890755]syscall_exit_to_user_mode+0x55/0x120 [ 95.890755]do_syscall_64+0xd1/0x1b0 [ 95.890755]entry_SYSCALL_64_after_hwframe+0x67/0x6f [ 95.890755] [ 95.890755] The buggy address belongs to the object at ffff88800c388000 [ 95.890755]which belongs to the cache kmalloc-1k of size 1024 [ 95.890755] The buggy address is located 128 bytes inside of [ 95.890755]freed 1024-byte region [ffff88800c388000, ffff88800c388400) [ 95.890755] [ 95.890755] The buggy address belongs to the physical page: [ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388 [ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 95.890755] ano ---truncated--- Solution(s) ubuntu-upgrade-linux-image-4-15-0-1135-oracle ubuntu-upgrade-linux-image-4-15-0-1156-kvm ubuntu-upgrade-linux-image-4-15-0-1166-gcp ubuntu-upgrade-linux-image-4-15-0-1173-aws ubuntu-upgrade-linux-image-4-15-0-1181-azure ubuntu-upgrade-linux-image-4-15-0-229-generic ubuntu-upgrade-linux-image-4-15-0-229-lowlatency ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1050-gkeop ubuntu-upgrade-linux-image-5-15-0-1060-ibm ubuntu-upgrade-linux-image-5-15-0-1060-raspi ubuntu-upgrade-linux-image-5-15-0-1062-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1062-nvidia ubuntu-upgrade-linux-image-5-15-0-1062-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1064-gke ubuntu-upgrade-linux-image-5-15-0-1064-kvm ubuntu-upgrade-linux-image-5-15-0-1065-oracle ubuntu-upgrade-linux-image-5-15-0-1066-gcp ubuntu-upgrade-linux-image-5-15-0-1067-aws ubuntu-upgrade-linux-image-5-15-0-1070-azure ubuntu-upgrade-linux-image-5-15-0-1070-azure-fde ubuntu-upgrade-linux-image-5-15-0-118-generic ubuntu-upgrade-linux-image-5-15-0-118-generic-64k ubuntu-upgrade-linux-image-5-15-0-118-generic-lpae ubuntu-upgrade-linux-image-5-15-0-118-lowlatency ubuntu-upgrade-linux-image-5-15-0-118-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1042-iot ubuntu-upgrade-linux-image-5-4-0-1049-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1077-ibm ubuntu-upgrade-linux-image-5-4-0-1090-bluefield ubuntu-upgrade-linux-image-5-4-0-1097-gkeop ubuntu-upgrade-linux-image-5-4-0-1114-raspi ubuntu-upgrade-linux-image-5-4-0-1118-kvm ubuntu-upgrade-linux-image-5-4-0-1129-oracle ubuntu-upgrade-linux-image-5-4-0-1130-aws ubuntu-upgrade-linux-image-5-4-0-1134-gcp ubuntu-upgrade-linux-image-5-4-0-1135-azure ubuntu-upgrade-linux-image-5-4-0-192-generic ubuntu-upgrade-linux-image-5-4-0-192-generic-lpae ubuntu-upgrade-linux-image-5-4-0-192-lowlatency ubuntu-upgrade-linux-image-6-8-0-1008-gke ubuntu-upgrade-linux-image-6-8-0-1009-raspi ubuntu-upgrade-linux-image-6-8-0-1010-ibm ubuntu-upgrade-linux-image-6-8-0-1010-oem ubuntu-upgrade-linux-image-6-8-0-1010-oracle ubuntu-upgrade-linux-image-6-8-0-1010-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1012-azure ubuntu-upgrade-linux-image-6-8-0-1012-azure-fde ubuntu-upgrade-linux-image-6-8-0-1012-gcp ubuntu-upgrade-linux-image-6-8-0-1013-aws ubuntu-upgrade-linux-image-6-8-0-40-generic ubuntu-upgrade-linux-image-6-8-0-40-generic-64k ubuntu-upgrade-linux-image-6-8-0-40-lowlatency ubuntu-upgrade-linux-image-6-8-0-40-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-27398 CVE - 2024-27398 USN-6949-1 USN-6949-2 USN-6950-1 USN-6950-2 USN-6950-3 USN-6950-4 USN-6951-1 USN-6951-2 USN-6951-3 USN-6951-4 USN-6952-1 USN-6952-2 USN-6953-1 USN-6955-1 USN-6956-1 USN-6957-1 USN-6979-1 USN-7019-1 USN-7028-1 USN-7028-2 View more

Ubuntu: (Multiple Advisories) (CVE-2024-27401): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length, packet_buffer_get will now return 0 to signify to the user that no data were read and a larger buffer size is required. Helps prevent user space overflows. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1050-gkeop ubuntu-upgrade-linux-image-5-15-0-1060-ibm ubuntu-upgrade-linux-image-5-15-0-1060-raspi ubuntu-upgrade-linux-image-5-15-0-1062-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1062-nvidia ubuntu-upgrade-linux-image-5-15-0-1062-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1064-gke ubuntu-upgrade-linux-image-5-15-0-1064-kvm ubuntu-upgrade-linux-image-5-15-0-1065-oracle ubuntu-upgrade-linux-image-5-15-0-1066-gcp ubuntu-upgrade-linux-image-5-15-0-1067-aws ubuntu-upgrade-linux-image-5-15-0-1070-azure ubuntu-upgrade-linux-image-5-15-0-1070-azure-fde ubuntu-upgrade-linux-image-5-15-0-118-generic ubuntu-upgrade-linux-image-5-15-0-118-generic-64k ubuntu-upgrade-linux-image-5-15-0-118-generic-lpae ubuntu-upgrade-linux-image-5-15-0-118-lowlatency ubuntu-upgrade-linux-image-5-15-0-118-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1042-iot ubuntu-upgrade-linux-image-5-4-0-1049-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1077-ibm ubuntu-upgrade-linux-image-5-4-0-1090-bluefield ubuntu-upgrade-linux-image-5-4-0-1097-gkeop ubuntu-upgrade-linux-image-5-4-0-1114-raspi ubuntu-upgrade-linux-image-5-4-0-1118-kvm ubuntu-upgrade-linux-image-5-4-0-1129-oracle ubuntu-upgrade-linux-image-5-4-0-1130-aws ubuntu-upgrade-linux-image-5-4-0-1134-gcp ubuntu-upgrade-linux-image-5-4-0-1135-azure ubuntu-upgrade-linux-image-5-4-0-192-generic ubuntu-upgrade-linux-image-5-4-0-192-generic-lpae ubuntu-upgrade-linux-image-5-4-0-192-lowlatency ubuntu-upgrade-linux-image-6-8-0-1008-gke ubuntu-upgrade-linux-image-6-8-0-1009-raspi ubuntu-upgrade-linux-image-6-8-0-1010-ibm ubuntu-upgrade-linux-image-6-8-0-1010-oem ubuntu-upgrade-linux-image-6-8-0-1010-oracle ubuntu-upgrade-linux-image-6-8-0-1010-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1012-azure ubuntu-upgrade-linux-image-6-8-0-1012-azure-fde ubuntu-upgrade-linux-image-6-8-0-1012-gcp ubuntu-upgrade-linux-image-6-8-0-1013-aws ubuntu-upgrade-linux-image-6-8-0-40-generic ubuntu-upgrade-linux-image-6-8-0-40-generic-64k ubuntu-upgrade-linux-image-6-8-0-40-lowlatency ubuntu-upgrade-linux-image-6-8-0-40-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-27401 CVE - 2024-27401 USN-6949-1 USN-6949-2 USN-6950-1 USN-6950-2 USN-6950-3 USN-6950-4 USN-6951-1 USN-6951-2 USN-6951-3 USN-6951-4 USN-6952-1 USN-6952-2 USN-6953-1 USN-6955-1 USN-6956-1 USN-6957-1 USN-6979-1 USN-7019-1 View more

Ubuntu: USN-6773-1 (CVE-2024-30046): .NET vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/21/2024 Added 05/20/2024 Modified 10/23/2024 Description Visual Studio Denial of Service Vulnerability Solution(s) ubuntu-upgrade-aspnetcore-runtime-7-0 ubuntu-upgrade-aspnetcore-runtime-8-0 ubuntu-upgrade-dotnet-host-7-0 ubuntu-upgrade-dotnet-host-8-0 ubuntu-upgrade-dotnet-hostfxr-7-0 ubuntu-upgrade-dotnet-hostfxr-8-0 ubuntu-upgrade-dotnet-runtime-7-0 ubuntu-upgrade-dotnet-runtime-8-0 ubuntu-upgrade-dotnet-sdk-7-0 ubuntu-upgrade-dotnet-sdk-8-0 ubuntu-upgrade-dotnet7 ubuntu-upgrade-dotnet8 References https://attackerkb.com/topics/cve-2024-30046 CVE - 2024-30046 USN-6773-1

Ubuntu: (Multiple Advisories) (CVE-2024-32002): Git vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 06/07/2024 Added 06/06/2024 Modified 01/30/2025 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources. Solution(s) ubuntu-pro-upgrade-git References https://attackerkb.com/topics/cve-2024-32002 CVE - 2024-32002 USN-6793-1 USN-6793-2 USN-7023-1

Adobe Acrobat: CVE-2024-30310: Security updates available for Adobe Acrobat and Reader (APSB24-29) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2024-30310 https://helpx.adobe.com/security/products/acrobat/apsb24-29.html CVE - 2024-30310

Adobe Acrobat: CVE-2024-34097: Security updates available for Adobe Acrobat and Reader (APSB24-29) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2024-34097 https://helpx.adobe.com/security/products/acrobat/apsb24-29.html CVE - 2024-34097

Ubuntu: USN-6969-1 (CVE-2024-31444): Cacti vulnerabilities Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 05/14/2024 Created 08/22/2024 Added 08/21/2024 Modified 01/28/2025 Description Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue. Solution(s) ubuntu-pro-upgrade-cacti References https://attackerkb.com/topics/cve-2024-31444 CVE - 2024-31444 USN-6969-1

Adobe Acrobat: CVE-2024-34101: Security updates available for Adobe Acrobat and Reader (APSB24-29) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2024-34101 https://helpx.adobe.com/security/products/acrobat/apsb24-29.html CVE - 2024-34101

Ubuntu: (Multiple Advisories) (CVE-2024-27400): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 08/10/2024 Added 08/09/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap. The basic problem here is that after the move the old location is simply not available any more. Some fixes were suggested, but essentially we should call the move notification before actually moving things because only this way we have the correct order for DMA-buf and VM move notifications as well. Also rework the statistic handling so that we don't update the eviction counter before the move. v2: add missing NULL check Solution(s) ubuntu-upgrade-linux-image-6-8-0-1008-gke ubuntu-upgrade-linux-image-6-8-0-1009-raspi ubuntu-upgrade-linux-image-6-8-0-1010-ibm ubuntu-upgrade-linux-image-6-8-0-1010-oem ubuntu-upgrade-linux-image-6-8-0-1010-oracle ubuntu-upgrade-linux-image-6-8-0-1010-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency ubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1012-azure ubuntu-upgrade-linux-image-6-8-0-1012-azure-fde ubuntu-upgrade-linux-image-6-8-0-1012-gcp ubuntu-upgrade-linux-image-6-8-0-1013-aws ubuntu-upgrade-linux-image-6-8-0-40-generic ubuntu-upgrade-linux-image-6-8-0-40-generic-64k ubuntu-upgrade-linux-image-6-8-0-40-lowlatency ubuntu-upgrade-linux-image-6-8-0-40-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-8 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-8 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-nvidia-lowlatency-64k ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-27400 CVE - 2024-27400 USN-6949-1 USN-6949-2 USN-6952-1 USN-6952-2 USN-6955-1

Adobe Acrobat: CVE-2024-34100: Security updates available for Adobe Acrobat and Reader (APSB24-29) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2024-34100 https://helpx.adobe.com/security/products/acrobat/apsb24-29.html CVE - 2024-34100