ISHACK AI BOT

Amazon Linux AMI 2: CVE-2024-32021: Security patch for git (ALAS-2024-2548) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/01/2024 Added 05/31/2024 Modified 05/31/2024 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. Solution(s) amazon-linux-ami-2-upgrade-git amazon-linux-ami-2-upgrade-git-all amazon-linux-ami-2-upgrade-git-core amazon-linux-ami-2-upgrade-git-core-doc amazon-linux-ami-2-upgrade-git-credential-libsecret amazon-linux-ami-2-upgrade-git-cvs amazon-linux-ami-2-upgrade-git-daemon amazon-linux-ami-2-upgrade-git-debuginfo amazon-linux-ami-2-upgrade-git-email amazon-linux-ami-2-upgrade-git-gui amazon-linux-ami-2-upgrade-git-instaweb amazon-linux-ami-2-upgrade-git-p4 amazon-linux-ami-2-upgrade-git-subtree amazon-linux-ami-2-upgrade-git-svn amazon-linux-ami-2-upgrade-gitk amazon-linux-ami-2-upgrade-gitweb amazon-linux-ami-2-upgrade-perl-git amazon-linux-ami-2-upgrade-perl-git-svn References https://attackerkb.com/topics/cve-2024-32021 AL2/ALAS-2024-2548 CVE - 2024-32021

APSB24-29:Adobe Acrobat and Reader for Windows and macOS (CVE-2024-34095) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2024-34095 CVE - 2024-34095 https://helpx.adobe.com/security/products/reader/apsb24-29.html

APSB24-29:Adobe Acrobat and Reader for Windows and macOS (CVE-2024-34098) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2024-34098 CVE - 2024-34098 https://helpx.adobe.com/security/products/reader/apsb24-29.html

Amazon Linux AMI: CVE-2024-32020: Security patch for git (ALAS-2024-1939) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/04/2024 Added 05/31/2024 Modified 05/31/2024 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a "proper" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. Solution(s) amazon-linux-upgrade-git References ALAS-2024-1939 CVE-2024-32020

Aruba AOS-10: CVE-2024-31479: Unauthenticated Denial-of-Service (DoS) Vulnerabilities in Central Communications Service Accessed via the PAPI Protocol Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service. Solution(s) aruba-aos-10-cve-2024-31479 References https://attackerkb.com/topics/cve-2024-31479 CVE - 2024-31479 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Amazon Linux AMI: CVE-2024-32021: Security patch for git (ALAS-2024-1939) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 06/04/2024 Added 05/31/2024 Modified 05/31/2024 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. Solution(s) amazon-linux-upgrade-git References ALAS-2024-1939 CVE-2024-32021

Aruba AOS-10: CVE-2024-31471: Unauthenticated Command Injection Vulnerability in Central Communications Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2024-31471 References https://attackerkb.com/topics/cve-2024-31471 CVE - 2024-31471 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Aruba AOS-10: CVE-2024-31470: Unauthenticated Buffer Overflow Vulnerability in the Simultaneous Authentication of Equals (SAE) Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2024-31470 References https://attackerkb.com/topics/cve-2024-31470 CVE - 2024-31470 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Aruba AOS-10: CVE-2024-31468: Unauthenticated Buffer Overflow Vulnerabilities in Central Communications Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2024-31468 References https://attackerkb.com/topics/cve-2024-31468 CVE - 2024-31468 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Aruba AOS-10: CVE-2024-31474: Unauthenticated Arbitrary File Deletion in CLI Service Accessed by the PAPI Protocol Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:C) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point Solution(s) aruba-aos-10-cve-2024-31474 References https://attackerkb.com/topics/cve-2024-31474 CVE - 2024-31474 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Microsoft Windows: CVE-2024-30001: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows Mobile Broadband Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-30001 CVE - 2024-30001 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 View more

Aruba AOS-10: CVE-2024-31467: Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2024-31467 References https://attackerkb.com/topics/cve-2024-31467 CVE - 2024-31467 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Aruba AOS-10: CVE-2024-31476: Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2024-31476 References https://attackerkb.com/topics/cve-2024-31476 CVE - 2024-31476 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Amazon Linux AMI: CVE-2024-32002: Security patch for git (ALAS-2024-1939) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 06/04/2024 Added 05/31/2024 Modified 01/28/2025 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources. Solution(s) amazon-linux-upgrade-git References ALAS-2024-1939 CVE-2024-32002

Microsoft Windows: CVE-2024-29994: Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-29994 CVE - 2024-29994 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 View more

Gentoo Linux: CVE-2024-4775: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 08/08/2024 Added 08/07/2024 Modified 08/07/2024 Description An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 126. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-4775 CVE - 2024-4775 202408-02

Gentoo Linux: CVE-2024-4773: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 08/08/2024 Added 08/07/2024 Modified 08/07/2024 Description When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-4773 CVE - 2024-4773 202408-02

Gentoo Linux: CVE-2024-4771: Mozilla Firefox: Multiple Vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 08/08/2024 Added 08/07/2024 Modified 08/07/2024 Description A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126. Solution(s) gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin References https://attackerkb.com/topics/cve-2024-4771 CVE - 2024-4771 202408-02

CentOS Linux: CVE-2024-4769: Important: firefox security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/18/2024 Added 05/17/2024 Modified 05/21/2024 Description When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses.This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) centos-upgrade-firefox centos-upgrade-firefox-debuginfo centos-upgrade-thunderbird centos-upgrade-thunderbird-debuginfo References CVE-2024-4769

Microsoft CVE-2024-30042: Microsoft Excel Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 05/16/2024 Description Microsoft CVE-2024-30042: Microsoft Excel Remote Code Execution Vulnerability Solution(s) msft-kb5002503-cbdf8afe-fed3-4d87-92fe-6755a2056895 References https://attackerkb.com/topics/cve-2024-30042 CVE - 2024-30042 5002503 5002587

Huawei EulerOS: CVE-2024-27282: ruby security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/08/2024 Description An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1. Solution(s) huawei-euleros-2_0_sp12-upgrade-ruby huawei-euleros-2_0_sp12-upgrade-ruby-help huawei-euleros-2_0_sp12-upgrade-ruby-irb References https://attackerkb.com/topics/cve-2024-27282 CVE - 2024-27282 EulerOS-SA-2024-2250

Huawei EulerOS: CVE-2024-27395: kernel security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 10/09/2024 Added 10/08/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe. Solution(s) huawei-euleros-2_0_sp12-upgrade-bpftool huawei-euleros-2_0_sp12-upgrade-kernel huawei-euleros-2_0_sp12-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp12-upgrade-kernel-tools huawei-euleros-2_0_sp12-upgrade-kernel-tools-libs huawei-euleros-2_0_sp12-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-27395 CVE - 2024-27395 EulerOS-SA-2024-2352

CentOS Linux: CVE-2024-4777: Important: firefox security update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/18/2024 Added 05/17/2024 Modified 01/28/2025 Description Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) centos-upgrade-firefox centos-upgrade-firefox-debuginfo centos-upgrade-thunderbird centos-upgrade-thunderbird-debuginfo References CVE-2024-4777

Huawei EulerOS: CVE-2024-27397: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 10/10/2024 Added 10/09/2024 Modified 10/09/2024 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to use the timestamp, this avoids that an element expires while control plane transaction is still unfinished. .lookup and .update, which are used from packet path, still use the current time to check if the element has expired. And .get path and dump also since this runs lockless under rcu read size lock. Then, there is async gc which also needs to check the current time since it runs asynchronously from a workqueue. Solution(s) huawei-euleros-2_0_sp12-upgrade-bpftool huawei-euleros-2_0_sp12-upgrade-kernel huawei-euleros-2_0_sp12-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp12-upgrade-kernel-tools huawei-euleros-2_0_sp12-upgrade-kernel-tools-libs huawei-euleros-2_0_sp12-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-27397 CVE - 2024-27397 EulerOS-SA-2024-2544

CentOS Linux: CVE-2024-4770: Important: firefox security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/18/2024 Added 05/17/2024 Modified 05/21/2024 Description When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) centos-upgrade-firefox centos-upgrade-firefox-debuginfo centos-upgrade-thunderbird centos-upgrade-thunderbird-debuginfo References CVE-2024-4770