ISHACK AI BOT

Rocky Linux: CVE-2024-25742: kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/10/2024 Created 05/13/2024 Added 05/13/2024 Modified 11/18/2024 Description In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-devel-matched rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-core rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debug-uki-virt rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-devel-matched rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-core rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-core rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-core rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-kernel-uki-virt rocky-upgrade-kernel-zfcpdump rocky-upgrade-kernel-zfcpdump-core rocky-upgrade-kernel-zfcpdump-debuginfo rocky-upgrade-kernel-zfcpdump-devel rocky-upgrade-kernel-zfcpdump-devel-matched rocky-upgrade-kernel-zfcpdump-modules rocky-upgrade-kernel-zfcpdump-modules-core rocky-upgrade-kernel-zfcpdump-modules-extra rocky-upgrade-libperf rocky-upgrade-libperf-debuginfo rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo rocky-upgrade-rtla rocky-upgrade-rv References https://attackerkb.com/topics/cve-2024-25742 CVE - 2024-25742 https://errata.rockylinux.org/RLSA-2024:2758 https://errata.rockylinux.org/RLSA-2024:2950 https://errata.rockylinux.org/RLSA-2024:3138

Apple iTunes security update for CVE-2024-27793 Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 05/10/2024 Created 05/10/2024 Added 05/10/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows. Parsing a file may lead to an unexpected app termination or arbitrary code execution. Solution(s) apple-itunes-upgrade-12_13_2 References https://attackerkb.com/topics/cve-2024-27793 CVE - 2024-27793 http://support.apple.com/kb/HT214099

SUSE: CVE-2024-29040: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/10/2024 Created 05/15/2024 Added 05/15/2024 Modified 07/01/2024 Description This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this structure any number can be used in the JSON structure. The verifier can receive a state which does not represent the actual, possibly malicious state of the device under test. The malicious device might get access to data it shouldn't, or can use services it shouldn't be able to. This issue has been patched in version 4.1.0. Solution(s) suse-upgrade-libtss2-esys0 suse-upgrade-libtss2-esys0-32bit suse-upgrade-libtss2-fapi1 suse-upgrade-libtss2-fapi1-32bit suse-upgrade-libtss2-mu0 suse-upgrade-libtss2-mu0-32bit suse-upgrade-libtss2-rc0 suse-upgrade-libtss2-rc0-32bit suse-upgrade-libtss2-sys1 suse-upgrade-libtss2-sys1-32bit suse-upgrade-libtss2-tcti-cmd0 suse-upgrade-libtss2-tcti-cmd0-32bit suse-upgrade-libtss2-tcti-device0 suse-upgrade-libtss2-tcti-device0-32bit suse-upgrade-libtss2-tcti-mssim0 suse-upgrade-libtss2-tcti-mssim0-32bit suse-upgrade-libtss2-tcti-pcap0 suse-upgrade-libtss2-tcti-swtpm0 suse-upgrade-libtss2-tcti-swtpm0-32bit suse-upgrade-libtss2-tctildr0 suse-upgrade-libtss2-tctildr0-32bit suse-upgrade-tpm2-0-tss suse-upgrade-tpm2-0-tss-devel References https://attackerkb.com/topics/cve-2024-29040 CVE - 2024-29040

Amazon Linux 2023: CVE-2024-33655: Important priority package update for unbound Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:P) Published 05/09/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst (which can be considered traffic amplification in some cases), aka the "DNSBomb" issue. A DNSBomb flaw was found in the unbound package. The DNSBomb attack works by sending low-rate spoofed queries for a malicious zone to Unbound. By controlling the delay of the malicious authoritative answers, Unbound slowly accumulates pending answers for the spoofed addresses. When the authoritative answers become available to Unbound at the same time, Unbound starts serving all the accumulated queries. This results in large-sized, concentrated response bursts to the spoofed addresses. Solution(s) amazon-linux-2023-upgrade-python3-unbound amazon-linux-2023-upgrade-python3-unbound-debuginfo amazon-linux-2023-upgrade-unbound amazon-linux-2023-upgrade-unbound-anchor amazon-linux-2023-upgrade-unbound-anchor-debuginfo amazon-linux-2023-upgrade-unbound-debuginfo amazon-linux-2023-upgrade-unbound-debugsource amazon-linux-2023-upgrade-unbound-devel amazon-linux-2023-upgrade-unbound-libs amazon-linux-2023-upgrade-unbound-libs-debuginfo amazon-linux-2023-upgrade-unbound-utils amazon-linux-2023-upgrade-unbound-utils-debuginfo References https://attackerkb.com/topics/cve-2024-33655 CVE - 2024-33655 https://alas.aws.amazon.com/AL2023/ALAS-2024-610.html

Alpine Linux: CVE-2024-3727: Improper Validation of Integrity Check Value Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 05/09/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Solution(s) alpine-linux-upgrade-buildah alpine-linux-upgrade-podman alpine-linux-upgrade-skopeo References https://attackerkb.com/topics/cve-2024-3727 CVE - 2024-3727 https://security.alpinelinux.org/vuln/CVE-2024-3727

Oracle Linux: CVE-2024-3727: ELSA-2024-5258:container-tools:ol8 security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 05/09/2024 Created 10/18/2024 Added 10/16/2024 Modified 01/07/2025 Description A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Solution(s) oracle-linux-upgrade-aardvark-dns oracle-linux-upgrade-buildah oracle-linux-upgrade-buildah-tests oracle-linux-upgrade-cockpit-podman oracle-linux-upgrade-conmon oracle-linux-upgrade-containernetworking-plugins oracle-linux-upgrade-containers-common oracle-linux-upgrade-container-selinux oracle-linux-upgrade-crit oracle-linux-upgrade-criu oracle-linux-upgrade-criu-devel oracle-linux-upgrade-criu-libs oracle-linux-upgrade-crun oracle-linux-upgrade-fuse-overlayfs oracle-linux-upgrade-libslirp oracle-linux-upgrade-libslirp-devel oracle-linux-upgrade-netavark oracle-linux-upgrade-oci-seccomp-bpf-hook oracle-linux-upgrade-podman oracle-linux-upgrade-podman-catatonit oracle-linux-upgrade-podman-docker oracle-linux-upgrade-podman-gvproxy oracle-linux-upgrade-podman-plugins oracle-linux-upgrade-podman-remote oracle-linux-upgrade-podman-tests oracle-linux-upgrade-python3-criu oracle-linux-upgrade-python3-podman oracle-linux-upgrade-runc oracle-linux-upgrade-skopeo oracle-linux-upgrade-skopeo-tests oracle-linux-upgrade-slirp4netns oracle-linux-upgrade-udica References https://attackerkb.com/topics/cve-2024-3727 CVE - 2024-3727 ELSA-2024-5258 ELSA-2024-9098 ELSA-2024-9097 ELSA-2024-9102

F5 Networks: CVE-2024-25560: K000139037: TMM vulnerability CVE-2024-25560 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/09/2024 Created 05/10/2024 Added 05/09/2024 Modified 12/05/2024 Description When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-25560 CVE - 2024-25560 https://my.f5.com/manage/s/article/K000139037

Oracle Linux: CVE-2024-4317: ELSA-2024-5927:postgresql:16 security update (IMPORTANT) (Multiple Advisories) Severity 2 CVSS (AV:N/AC:H/Au:S/C:P/I:N/A:N) Published 05/09/2024 Created 10/24/2024 Added 10/16/2024 Modified 01/08/2025 Description Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Installing an unaffected version only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after installing that version. Current PostgreSQL installations will remain vulnerable until they follow the instructions in the release notes. Within major versions 14-16, minor versions before PostgreSQL 16.3, 15.7, and 14.12 are affected. Versions before PostgreSQL 14 are unaffected. A flaw was found in PostgreSQL. Missing authorization in the built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Solution(s) oracle-linux-upgrade-pgaudit oracle-linux-upgrade-pg-repack oracle-linux-upgrade-postgres-decoderbufs oracle-linux-upgrade-postgresql oracle-linux-upgrade-postgresql-contrib oracle-linux-upgrade-postgresql-docs oracle-linux-upgrade-postgresql-plperl oracle-linux-upgrade-postgresql-plpython3 oracle-linux-upgrade-postgresql-pltcl oracle-linux-upgrade-postgresql-private-devel oracle-linux-upgrade-postgresql-private-libs oracle-linux-upgrade-postgresql-server oracle-linux-upgrade-postgresql-server-devel oracle-linux-upgrade-postgresql-static oracle-linux-upgrade-postgresql-test oracle-linux-upgrade-postgresql-test-rpm-macros oracle-linux-upgrade-postgresql-upgrade oracle-linux-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-4317 CVE - 2024-4317 ELSA-2024-5927 ELSA-2024-6001 ELSA-2024-6020 ELSA-2024-5929

VMware Photon OS: CVE-2024-4317 Severity 2 CVSS (AV:N/AC:H/Au:S/C:P/I:N/A:N) Published 05/09/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/14/2025 Description Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Installing an unaffected version only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after installing that version. Current PostgreSQL installations will remain vulnerable until they follow the instructions in the release notes. Within major versions 14-16, minor versions before PostgreSQL 16.3, 15.7, and 14.12 are affected. Versions before PostgreSQL 14 are unaffected. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-4317 CVE - 2024-4317

VMware Photon OS: CVE-2024-27395 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/09/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-27395 CVE - 2024-27395

F5 Networks: CVE-2024-33604: K000138894: BIG-IP Configuration utility XSS vulnerability CVE-2024-33604 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/09/2024 Created 05/10/2024 Added 05/09/2024 Modified 08/23/2024 Description A reflected cross-site scripting (XSS) vulnerability exist in undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-33604 CVE - 2024-33604 https://my.f5.com/manage/s/article/K000138894

F5 Networks: CVE-2024-21793: K000138732: BIG-IP Next Central Manager OData Injection vulnerability CVE-2024-21793 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/09/2024 Created 05/10/2024 Added 05/09/2024 Modified 01/28/2025 Description An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-21793 CVE - 2024-21793 https://my.f5.com/manage/s/article/K000138732

Alpine Linux: CVE-2024-4671: Use After Free Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/09/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/14/2024 Description Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Solution(s) alpine-linux-upgrade-qt6-qtwebengine References https://attackerkb.com/topics/cve-2024-4671 CVE - 2024-4671 https://security.alpinelinux.org/vuln/CVE-2024-4671

F5 Networks: CVE-2024-33608: K000138728: BIG-IP IPsec vulnerability CVE-2024-33608 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/09/2024 Created 05/10/2024 Added 05/09/2024 Modified 08/23/2024 Description When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-33608 CVE - 2024-33608 https://my.f5.com/manage/s/article/K000138728

Oracle Linux: CVE-2024-27393: ELSA-2024-4349:kernel security and bug fix update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/08/2024 Created 07/10/2024 Added 07/09/2024 Modified 01/07/2025 Description In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed that fixes tag were missing a call to page_pool_release_page() between v5.9 to v5.14, after which is should have used skb_mark_for_recycle(). Since v6.6 the call page_pool_release_page() were removed (in commit 535b9c61bdef ("net: page_pool: hide page_pool_release_page()") and remaining callers converted (in commit 6bfef2ec0172 ("Merge branch 'net-page_pool-remove-page_pool_release_page'")). This leak became visible in v6.8 via commit dba1b8a7ab68 ("mm/page_pool: catch page_pool memory leaks"). Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2024-27393 CVE - 2024-27393 ELSA-2024-4349

Oracle Linux: CVE-2024-27397: ELSA-2024-4583:kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 05/08/2024 Created 07/04/2024 Added 07/03/2024 Modified 01/23/2025 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to use the timestamp, this avoids that an element expires while control plane transaction is still unfinished. .lookup and .update, which are used from packet path, still use the current time to check if the element has expired. And .get path and dump also since this runs lockless under rcu read size lock. Then, there is async gc which also needs to check the current time since it runs asynchronously from a workqueue. A use-after-free flaw was found in the Linux kernel’s netfilter subsystem in how a user triggers the element timeout. This flaw allows a local user to crash or potentially escalate their privileges on the system. Solution(s) oracle-linux-upgrade-kernel oracle-linux-upgrade-kernel-uek References https://attackerkb.com/topics/cve-2024-27397 CVE - 2024-27397 ELSA-2024-4583 ELSA-2024-12782 ELSA-2024-12780 ELSA-2024-4211 ELSA-2024-12796 ELSA-2024-12830 View more

Oracle Linux: CVE-2024-24788: ELSA-2024-5291:grafana security update (MODERATE) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/08/2024 Created 10/18/2024 Added 10/16/2024 Modified 01/07/2025 Description A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. Solution(s) oracle-linux-upgrade-aardvark-dns oracle-linux-upgrade-buildah oracle-linux-upgrade-buildah-tests oracle-linux-upgrade-cockpit-podman oracle-linux-upgrade-conmon oracle-linux-upgrade-containernetworking-plugins oracle-linux-upgrade-containers-common oracle-linux-upgrade-container-selinux oracle-linux-upgrade-crit oracle-linux-upgrade-criu oracle-linux-upgrade-criu-devel oracle-linux-upgrade-criu-libs oracle-linux-upgrade-crun oracle-linux-upgrade-fuse-overlayfs oracle-linux-upgrade-grafana oracle-linux-upgrade-grafana-selinux oracle-linux-upgrade-libslirp oracle-linux-upgrade-libslirp-devel oracle-linux-upgrade-netavark oracle-linux-upgrade-oci-seccomp-bpf-hook oracle-linux-upgrade-podman oracle-linux-upgrade-podman-catatonit oracle-linux-upgrade-podman-docker oracle-linux-upgrade-podman-gvproxy oracle-linux-upgrade-podman-plugins oracle-linux-upgrade-podman-remote oracle-linux-upgrade-podman-tests oracle-linux-upgrade-python3-criu oracle-linux-upgrade-python3-podman oracle-linux-upgrade-runc oracle-linux-upgrade-skopeo oracle-linux-upgrade-skopeo-tests oracle-linux-upgrade-slirp4netns oracle-linux-upgrade-udica References https://attackerkb.com/topics/cve-2024-24788 CVE - 2024-24788 ELSA-2024-5291 ELSA-2024-6969 ELSA-2024-9115 ELSA-2024-9098 ELSA-2024-9089 ELSA-2024-9277 ELSA-2024-9200 View more

Google Chrome Vulnerability: CVE-2024-4559 Heap buffer overflow in WebAudio Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/08/2024 Created 05/08/2024 Added 05/08/2024 Modified 01/28/2025 Description Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-4559 CVE - 2024-4559

SUSE: CVE-2024-4418: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/08/2024 Created 06/12/2024 Added 06/11/2024 Modified 06/11/2024 Description A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being "freed" when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this issue, in theory, allows a user to escape their otherwise limited access. This flaw allows a local, unprivileged user to access virtproxyd without authenticating. Remote users would need to authenticate before they could access it. Solution(s) suse-upgrade-libvirt suse-upgrade-libvirt-client suse-upgrade-libvirt-client-qemu suse-upgrade-libvirt-daemon suse-upgrade-libvirt-daemon-common suse-upgrade-libvirt-daemon-config-network suse-upgrade-libvirt-daemon-config-nwfilter suse-upgrade-libvirt-daemon-driver-interface suse-upgrade-libvirt-daemon-driver-libxl suse-upgrade-libvirt-daemon-driver-lxc suse-upgrade-libvirt-daemon-driver-network suse-upgrade-libvirt-daemon-driver-nodedev suse-upgrade-libvirt-daemon-driver-nwfilter suse-upgrade-libvirt-daemon-driver-qemu suse-upgrade-libvirt-daemon-driver-secret suse-upgrade-libvirt-daemon-driver-storage suse-upgrade-libvirt-daemon-driver-storage-core suse-upgrade-libvirt-daemon-driver-storage-disk suse-upgrade-libvirt-daemon-driver-storage-gluster suse-upgrade-libvirt-daemon-driver-storage-iscsi suse-upgrade-libvirt-daemon-driver-storage-iscsi-direct suse-upgrade-libvirt-daemon-driver-storage-logical suse-upgrade-libvirt-daemon-driver-storage-mpath suse-upgrade-libvirt-daemon-driver-storage-rbd suse-upgrade-libvirt-daemon-driver-storage-scsi suse-upgrade-libvirt-daemon-hooks suse-upgrade-libvirt-daemon-lock suse-upgrade-libvirt-daemon-log suse-upgrade-libvirt-daemon-lxc suse-upgrade-libvirt-daemon-plugin-lockd suse-upgrade-libvirt-daemon-plugin-sanlock suse-upgrade-libvirt-daemon-proxy suse-upgrade-libvirt-daemon-qemu suse-upgrade-libvirt-daemon-xen suse-upgrade-libvirt-devel suse-upgrade-libvirt-devel-32bit suse-upgrade-libvirt-doc suse-upgrade-libvirt-libs suse-upgrade-libvirt-nss suse-upgrade-wireshark-plugin-libvirt References https://attackerkb.com/topics/cve-2024-4418 CVE - 2024-4418

Huawei EulerOS: CVE-2024-34397: glib2 security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/07/2024 Created 10/10/2024 Added 10/09/2024 Modified 10/09/2024 Description An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact. Solution(s) huawei-euleros-2_0_sp12-upgrade-glib2 References https://attackerkb.com/topics/cve-2024-34397 CVE - 2024-34397 EulerOS-SA-2024-2527

Alpine Linux: CVE-2024-32663: Vulnerability in Multiple Components Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/07/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. Workarounds include disabling the HTTP/2 parser and reducing `app-layer.protocols.http2.max-table-size` value (default is 65536). Solution(s) alpine-linux-upgrade-suricata References https://attackerkb.com/topics/cve-2024-32663 CVE - 2024-32663 https://security.alpinelinux.org/vuln/CVE-2024-32663

Alpine Linux: CVE-2024-4558: Vulnerability in Multiple Components Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/07/2024 Created 08/23/2024 Added 08/22/2024 Modified 01/28/2025 Description Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) alpine-linux-upgrade-qt6-qtwebengine alpine-linux-upgrade-qt5-qtwebengine References https://attackerkb.com/topics/cve-2024-4558 CVE - 2024-4558 https://security.alpinelinux.org/vuln/CVE-2024-4558

Rocky Linux: CVE-2024-4558: webkit2gtk3 (RLSA-2024-9636) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/07/2024 Created 11/21/2024 Added 11/20/2024 Modified 01/28/2025 Description Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) rocky-upgrade-webkit2gtk3 rocky-upgrade-webkit2gtk3-debuginfo rocky-upgrade-webkit2gtk3-debugsource rocky-upgrade-webkit2gtk3-devel rocky-upgrade-webkit2gtk3-devel-debuginfo rocky-upgrade-webkit2gtk3-jsc rocky-upgrade-webkit2gtk3-jsc-debuginfo rocky-upgrade-webkit2gtk3-jsc-devel rocky-upgrade-webkit2gtk3-jsc-devel-debuginfo References https://attackerkb.com/topics/cve-2024-4558 CVE - 2024-4558 https://errata.rockylinux.org/RLSA-2024:9636

VMware Photon OS: CVE-2024-27397 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/09/2024 Created 01/21/2025 Added 01/20/2025 Modified 01/20/2025 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to use the timestamp, this avoids that an element expires while control plane transaction is still unfinished. .lookup and .update, which are used from packet path, still use the current time to check if the element has expired. And .get path and dump also since this runs lockless under rcu read size lock. Then, there is async gc which also needs to check the current time since it runs asynchronously from a workqueue. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-27397 CVE - 2024-27397

F5 Networks: CVE-2024-28889: K000138912: BIG-IP SSL vulnerability CVE-2024-28889 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/09/2024 Created 05/10/2024 Added 05/09/2024 Modified 08/23/2024 Description When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2024-28889 CVE - 2024-28889 https://my.f5.com/manage/s/article/K000138912