ISHACK AI BOT

SUSE: CVE-2024-22373: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 04/25/2024 Created 06/20/2024 Added 06/19/2024 Modified 01/28/2025 Description An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Solution(s) suse-upgrade-gdcm suse-upgrade-gdcm-applications suse-upgrade-gdcm-devel suse-upgrade-gdcm-examples suse-upgrade-libgdcm3_0 suse-upgrade-libsocketxx1_2 suse-upgrade-python3-gdcm References https://attackerkb.com/topics/cve-2024-22373 CVE - 2024-22373

Ubuntu: (Multiple Advisories) (CVE-2024-26926): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/25/2024 Created 07/12/2024 Added 07/12/2024 Modified 09/20/2024 Description In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("binder: avoid potential data leakage when copying txn") introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset alignment check done through calls to binder_alloc_copy_from_buffer() -> check_buffer(). These calls were replaced in binder_get_object() with copy_from_user(), so now an explicit offset alignment check is needed here. This avoids later complications when unwinding the objects gets harder. It is worth noting this check existed prior to commit 7a67a39320df ("binder: add function to copy binder object from buffer"), likely removed due to redundancy at the time. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1048-gkeop ubuntu-upgrade-linux-image-5-15-0-1058-ibm ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1060-nvidia ubuntu-upgrade-linux-image-5-15-0-1060-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1062-gke ubuntu-upgrade-linux-image-5-15-0-1062-kvm ubuntu-upgrade-linux-image-5-15-0-1063-oracle ubuntu-upgrade-linux-image-5-15-0-1064-gcp ubuntu-upgrade-linux-image-5-15-0-1065-aws ubuntu-upgrade-linux-image-5-15-0-1065-gcp ubuntu-upgrade-linux-image-5-15-0-1068-azure ubuntu-upgrade-linux-image-5-15-0-1068-azure-fde ubuntu-upgrade-linux-image-5-15-0-116-generic ubuntu-upgrade-linux-image-5-15-0-116-generic-64k ubuntu-upgrade-linux-image-5-15-0-116-generic-lpae ubuntu-upgrade-linux-image-5-15-0-116-lowlatency ubuntu-upgrade-linux-image-5-15-0-116-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-6-5-0-1017-starfive ubuntu-upgrade-linux-image-6-5-0-1020-raspi ubuntu-upgrade-linux-image-6-5-0-1023-aws ubuntu-upgrade-linux-image-6-5-0-1023-nvidia ubuntu-upgrade-linux-image-6-5-0-1023-nvidia-64k ubuntu-upgrade-linux-image-6-5-0-1024-azure ubuntu-upgrade-linux-image-6-5-0-1024-azure-fde ubuntu-upgrade-linux-image-6-5-0-1024-gcp ubuntu-upgrade-linux-image-6-5-0-1026-oracle ubuntu-upgrade-linux-image-6-5-0-1026-oracle-64k ubuntu-upgrade-linux-image-6-5-0-1027-oem ubuntu-upgrade-linux-image-6-5-0-44-generic ubuntu-upgrade-linux-image-6-5-0-44-generic-64k ubuntu-upgrade-linux-image-6-5-0-44-lowlatency ubuntu-upgrade-linux-image-6-5-0-44-lowlatency-64k ubuntu-upgrade-linux-image-6-8-0-1006-gke ubuntu-upgrade-linux-image-6-8-0-1007-intel ubuntu-upgrade-linux-image-6-8-0-1007-raspi ubuntu-upgrade-linux-image-6-8-0-1008-ibm ubuntu-upgrade-linux-image-6-8-0-1008-oem ubuntu-upgrade-linux-image-6-8-0-1008-oracle ubuntu-upgrade-linux-image-6-8-0-1008-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1009-nvidia ubuntu-upgrade-linux-image-6-8-0-1009-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1010-azure ubuntu-upgrade-linux-image-6-8-0-1010-azure-fde ubuntu-upgrade-linux-image-6-8-0-1010-gcp ubuntu-upgrade-linux-image-6-8-0-1011-aws ubuntu-upgrade-linux-image-6-8-0-38-generic ubuntu-upgrade-linux-image-6-8-0-38-generic-64k ubuntu-upgrade-linux-image-6-8-0-38-lowlatency ubuntu-upgrade-linux-image-6-8-0-38-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-22-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-22-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-22-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-6-5 ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-64k-6-5 ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-hwe-22-04 ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-22-04c ubuntu-upgrade-linux-image-oem-22-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-starfive ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-22-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-26926 CVE - 2024-26926 USN-6893-1 USN-6893-2 USN-6893-3 USN-6895-1 USN-6895-2 USN-6895-3 USN-6895-4 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6898-1 USN-6898-2 USN-6898-3 USN-6898-4 USN-6900-1 USN-6917-1 USN-6918-1 USN-6919-1 USN-6927-1 USN-7019-1 View more

SUSE: CVE-2024-25583: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/25/2024 Created 04/30/2024 Added 04/30/2024 Modified 04/30/2024 Description A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected. Solution(s) suse-upgrade-pdns-recursor References https://attackerkb.com/topics/cve-2024-25583 CVE - 2024-25583

Huawei EulerOS: CVE-2024-26924: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/25/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/08/2024 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern.Quoting Pablo: add_elem("00000000") timeout 100 ms ... add_elem("0000000X") timeout 100 ms del_elem("0000000X") <---------------- delete one that was just added ... add_elem("00005000") timeout 100 ms 1) nft_pipapo_remove() removes element 0000000X Then, KASAN shows a splat. Looking at the remove function there is a chance that we will drop a rule that maps to a non-deactivated element. Removal happens in two steps, first we do a lookup for key k and return the to-be-removed element and mark it as inactive in the next generation. Then, in a second step, the element gets removed from the set/map. The _remove function does not work correctly if we have more than one element that share the same key. This can happen if we insert an element into a set when the set already holds an element with same key, but the element mapping to the existing key has timed out or is not active in the next generation. In such case its possible that removal will unmap the wrong element. If this happens, we will leak the non-deactivated element, it becomes unreachable. The element that got deactivated (and will be freed later) will remain reachable in the set data structure, this can result in a crash when such an element is retrieved during lookup (stale pointer). Add a check that the fully matching key does in fact map to the element that we have marked as inactive in the deactivation step. If not, we need to continue searching. Add a bug/warn trap at the end of the function as well, the remove function must not ever be called with an invisible/unreachable/non-existent element. v2: avoid uneeded temporary variable (Stefano) Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-26924 CVE - 2024-26924 EulerOS-SA-2024-2207

OS X update for WebKit (CVE-2024-23271) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 04/25/2024 Created 04/25/2024 Added 04/25/2024 Modified 01/28/2025 Description A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior. Solution(s) apple-osx-upgrade-14_3 References https://attackerkb.com/topics/cve-2024-23271 CVE - 2024-23271 https://support.apple.com/en-us/120309

SUSE: CVE-2022-48656: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 04/28/2024 Created 08/16/2024 Added 08/09/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() We should call of_node_put() for the reference returned by of_parse_phandle() in fail path or when it is not used anymore. Here we only need to move the of_node_put() before the check. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2022-48656 CVE - 2022-48656

Amazon Linux AMI 2: CVE-2022-48631: Security patch for kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/28/2024 Created 08/03/2024 Added 08/02/2024 Modified 08/02/2024 Description In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 When walking through an inode extents, the ext4_ext_binsearch_idx() function assumes that the extent header has been previously validated.However, there are no checks that verify that the number of entries (eh->eh_entries) is non-zero when depth is > 0.And this will lead to problems because the EXT_FIRST_INDEX() and EXT_LAST_INDEX() will return garbage and result in this: [135.245946] ------------[ cut here ]------------ [135.247579] kernel BUG at fs/ext4/extents.c:2258! [135.249045] invalid opcode: 0000 [#1] PREEMPT SMP [135.250320] CPU: 2 PID: 238 Comm: tmp118 Not tainted 5.19.0-rc8+ #4 [135.252067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b-rebuilt.opensuse.org 04/01/2014 [135.255065] RIP: 0010:ext4_ext_map_blocks+0xc20/0xcb0 [135.256475] Code: [135.261433] RSP: 0018:ffffc900005939f8 EFLAGS: 00010246 [135.262847] RAX: 0000000000000024 RBX: ffffc90000593b70 RCX: 0000000000000023 [135.264765] RDX: ffff8880038e5f10 RSI: 0000000000000003 RDI: ffff8880046e922c [135.266670] RBP: ffff8880046e9348 R08: 0000000000000001 R09: ffff888002ca580c [135.268576] R10: 0000000000002602 R11: 0000000000000000 R12: 0000000000000024 [135.270477] R13: 0000000000000000 R14: 0000000000000024 R15: 0000000000000000 [135.272394] FS:00007fdabdc56740(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000 [135.274510] CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [135.276075] CR2: 00007ffc26bd4f00 CR3: 0000000006261004 CR4: 0000000000170ea0 [135.277952] Call Trace: [135.278635]<TASK> [135.279247]? preempt_count_add+0x6d/0xa0 [135.280358]? percpu_counter_add_batch+0x55/0xb0 [135.281612]? _raw_read_unlock+0x18/0x30 [135.282704]ext4_map_blocks+0x294/0x5a0 [135.283745]? xa_load+0x6f/0xa0 [135.284562]ext4_mpage_readpages+0x3d6/0x770 [135.285646]read_pages+0x67/0x1d0 [135.286492]? folio_add_lru+0x51/0x80 [135.287441]page_cache_ra_unbounded+0x124/0x170 [135.288510]filemap_get_pages+0x23d/0x5a0 [135.289457]? path_openat+0xa72/0xdd0 [135.290332]filemap_read+0xbf/0x300 [135.291158]? _raw_spin_lock_irqsave+0x17/0x40 [135.292192]new_sync_read+0x103/0x170 [135.293014]vfs_read+0x15d/0x180 [135.293745]ksys_read+0xa1/0xe0 [135.294461]do_syscall_64+0x3c/0x80 [135.295284]entry_SYSCALL_64_after_hwframe+0x46/0xb0 This patch simply adds an extra check in __ext4_ext_check(), verifying that eh_entries is not 0 when eh_depth is > 0. Solution(s) amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-147-133-644 amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-73-48-135 amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo References https://attackerkb.com/topics/cve-2022-48631 AL2/ALASKERNEL-5.10-2022-021 AL2/ALASKERNEL-5.15-2022-009 AL2/ALASKERNEL-5.4-2022-037 CVE - 2022-48631

SUSE: CVE-2022-48636: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/28/2024 Created 08/16/2024 Added 08/09/2024 Modified 08/09/2024 Description In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev() function caused by the pavgroup pointer being NULL. The pavgroup pointer is checked on the entrance of the function but without the lcu->lock being held. Therefore there is a race window between dasd_alias_get_start_dev() and _lcu_update() which sets pavgroup to NULL with the lcu->lock held. Fix by checking the pavgroup pointer with lcu->lock held. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2022-48636 CVE - 2022-48636

SUSE: CVE-2022-48634: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/28/2024 Created 08/16/2024 Added 08/09/2024 Modified 08/09/2024 Description In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only reason to hold event_lock is to clear gma_crtc->page_flip_event on mode_set_base() errors. Instead unlock it after setting gma_crtc->page_flip_event and on errors re-take the lock and clear gma_crtc->page_flip_event it it is still set. This fixes the following WARN/stacktrace: [512.122953] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:870 [512.123004] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1253, name: gnome-shell [512.123031] preempt_count: 1, expected: 0 [512.123048] RCU nest depth: 0, expected: 0 [512.123066] INFO: lockdep is turned off. [512.123080] irq event stamp: 0 [512.123094] hardirqs lastenabled at (0): [<0000000000000000>] 0x0 [512.123134] hardirqs last disabled at (0): [<ffffffff8d0ec28c>] copy_process+0x9fc/0x1de0 [512.123176] softirqs lastenabled at (0): [<ffffffff8d0ec28c>] copy_process+0x9fc/0x1de0 [512.123207] softirqs last disabled at (0): [<0000000000000000>] 0x0 [512.123233] Preemption disabled at: [512.123241] [<0000000000000000>] 0x0 [512.123275] CPU: 3 PID: 1253 Comm: gnome-shell Tainted: GW 5.19.0+ #1 [512.123304] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013 [512.123323] Call Trace: [512.123346]<TASK> [512.123370]dump_stack_lvl+0x5b/0x77 [512.123412]__might_resched.cold+0xff/0x13a [512.123458]ww_mutex_lock+0x1e/0xa0 [512.123495]psb_gem_pin+0x2c/0x150 [gma500_gfx] [512.123601]gma_pipe_set_base+0x76/0x240 [gma500_gfx] [512.123708]gma_crtc_page_flip+0x95/0x130 [gma500_gfx] [512.123808]drm_mode_page_flip_ioctl+0x57d/0x5d0 [512.123897]? drm_mode_cursor2_ioctl+0x10/0x10 [512.123936]drm_ioctl_kernel+0xa1/0x150 [512.123984]drm_ioctl+0x21f/0x420 [512.124025]? drm_mode_cursor2_ioctl+0x10/0x10 [512.124070]? rcu_read_lock_bh_held+0xb/0x60 [512.124104]? lock_release+0x1ef/0x2d0 [512.124161]__x64_sys_ioctl+0x8d/0xd0 [512.124203]do_syscall_64+0x58/0x80 [512.124239]? do_syscall_64+0x67/0x80 [512.124267]? trace_hardirqs_on_prepare+0x55/0xe0 [512.124300]? do_syscall_64+0x67/0x80 [512.124340]? rcu_read_lock_sched_held+0x10/0x80 [512.124377]entry_SYSCALL_64_after_hwframe+0x63/0xcd [512.124411] RIP: 0033:0x7fcc4a70740f [512.124442] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 18 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [512.124470] RSP: 002b:00007ffda73f5390 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [512.124503] RAX: ffffffffffffffda RBX: 000055cc9e474500 RCX: 00007fcc4a70740f [512.124524] RDX: 00007ffda73f5420 RSI: 00000000c01864b0 RDI: 0000000000000009 [512.124544] RBP: 00007ffda73f5420 R08: 000055cc9c0b0cb0 R09: 0000000000000034 [512.124564] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000c01864b0 [512.124584] R13: 0000000000000009 R14: 000055cc9df484d0 R15: 000055cc9af5d0c0 [512.124647]</TASK> Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2022-48634 CVE - 2022-48634

SUSE: CVE-2022-48632: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/28/2024 Created 08/16/2024 Added 08/09/2024 Modified 08/09/2024 Description In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() memcpy() is called in a loop while 'operation->length' upper bound is not checked and 'data_idx' also increments. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2022-48632 CVE - 2022-48632

SUSE: CVE-2022-48650: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/28/2024 Created 08/16/2024 Added 08/09/2024 Modified 08/09/2024 Description In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() Commit 8f394da36a36 ("scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG") made the __qlt_24xx_handle_abts() function return early if tcm_qla2xxx_find_cmd_by_tag() didn't find a command, but it missed to clean up the allocated memory for the management command. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2022-48650 CVE - 2022-48650

Alpine Linux: CVE-2023-52722: Vulnerability in Multiple Components Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/27/2024 Created 08/23/2024 Added 08/22/2024 Modified 10/10/2024 Description An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. Solution(s) alpine-linux-upgrade-ghostscript References https://attackerkb.com/topics/cve-2023-52722 CVE - 2023-52722 https://security.alpinelinux.org/vuln/CVE-2023-52722

Oracle Linux: CVE-2024-33600: ELSA-2024-3344:glibc security update (IMPORTANT) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 04/24/2024 Created 06/01/2024 Added 05/30/2024 Modified 12/24/2024 Description nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon&apos;s (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference.This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit. Solution(s) oracle-linux-upgrade-compat-libpthread-nonshared oracle-linux-upgrade-glibc oracle-linux-upgrade-glibc-all-langpacks oracle-linux-upgrade-glibc-benchtests oracle-linux-upgrade-glibc-common oracle-linux-upgrade-glibc-devel oracle-linux-upgrade-glibc-doc oracle-linux-upgrade-glibc-gconv-extra oracle-linux-upgrade-glibc-headers oracle-linux-upgrade-glibc-langpack-aa oracle-linux-upgrade-glibc-langpack-af oracle-linux-upgrade-glibc-langpack-agr oracle-linux-upgrade-glibc-langpack-ak oracle-linux-upgrade-glibc-langpack-am oracle-linux-upgrade-glibc-langpack-an oracle-linux-upgrade-glibc-langpack-anp oracle-linux-upgrade-glibc-langpack-ar oracle-linux-upgrade-glibc-langpack-as oracle-linux-upgrade-glibc-langpack-ast oracle-linux-upgrade-glibc-langpack-ayc oracle-linux-upgrade-glibc-langpack-az oracle-linux-upgrade-glibc-langpack-be oracle-linux-upgrade-glibc-langpack-bem oracle-linux-upgrade-glibc-langpack-ber oracle-linux-upgrade-glibc-langpack-bg oracle-linux-upgrade-glibc-langpack-bhb oracle-linux-upgrade-glibc-langpack-bho oracle-linux-upgrade-glibc-langpack-bi oracle-linux-upgrade-glibc-langpack-bn oracle-linux-upgrade-glibc-langpack-bo oracle-linux-upgrade-glibc-langpack-br oracle-linux-upgrade-glibc-langpack-brx oracle-linux-upgrade-glibc-langpack-bs oracle-linux-upgrade-glibc-langpack-byn oracle-linux-upgrade-glibc-langpack-ca oracle-linux-upgrade-glibc-langpack-ce oracle-linux-upgrade-glibc-langpack-chr oracle-linux-upgrade-glibc-langpack-ckb oracle-linux-upgrade-glibc-langpack-cmn oracle-linux-upgrade-glibc-langpack-crh oracle-linux-upgrade-glibc-langpack-cs oracle-linux-upgrade-glibc-langpack-csb oracle-linux-upgrade-glibc-langpack-cv oracle-linux-upgrade-glibc-langpack-cy oracle-linux-upgrade-glibc-langpack-da oracle-linux-upgrade-glibc-langpack-de oracle-linux-upgrade-glibc-langpack-doi oracle-linux-upgrade-glibc-langpack-dsb oracle-linux-upgrade-glibc-langpack-dv oracle-linux-upgrade-glibc-langpack-dz oracle-linux-upgrade-glibc-langpack-el oracle-linux-upgrade-glibc-langpack-en oracle-linux-upgrade-glibc-langpack-eo oracle-linux-upgrade-glibc-langpack-es oracle-linux-upgrade-glibc-langpack-et oracle-linux-upgrade-glibc-langpack-eu oracle-linux-upgrade-glibc-langpack-fa oracle-linux-upgrade-glibc-langpack-ff oracle-linux-upgrade-glibc-langpack-fi oracle-linux-upgrade-glibc-langpack-fil oracle-linux-upgrade-glibc-langpack-fo oracle-linux-upgrade-glibc-langpack-fr oracle-linux-upgrade-glibc-langpack-fur oracle-linux-upgrade-glibc-langpack-fy oracle-linux-upgrade-glibc-langpack-ga oracle-linux-upgrade-glibc-langpack-gd oracle-linux-upgrade-glibc-langpack-gez oracle-linux-upgrade-glibc-langpack-gl oracle-linux-upgrade-glibc-langpack-gu oracle-linux-upgrade-glibc-langpack-gv oracle-linux-upgrade-glibc-langpack-ha oracle-linux-upgrade-glibc-langpack-hak oracle-linux-upgrade-glibc-langpack-he oracle-linux-upgrade-glibc-langpack-hi oracle-linux-upgrade-glibc-langpack-hif oracle-linux-upgrade-glibc-langpack-hne oracle-linux-upgrade-glibc-langpack-hr oracle-linux-upgrade-glibc-langpack-hsb oracle-linux-upgrade-glibc-langpack-ht oracle-linux-upgrade-glibc-langpack-hu oracle-linux-upgrade-glibc-langpack-hy oracle-linux-upgrade-glibc-langpack-ia oracle-linux-upgrade-glibc-langpack-id oracle-linux-upgrade-glibc-langpack-ig oracle-linux-upgrade-glibc-langpack-ik oracle-linux-upgrade-glibc-langpack-is oracle-linux-upgrade-glibc-langpack-it oracle-linux-upgrade-glibc-langpack-iu oracle-linux-upgrade-glibc-langpack-ja oracle-linux-upgrade-glibc-langpack-ka oracle-linux-upgrade-glibc-langpack-kab oracle-linux-upgrade-glibc-langpack-kk oracle-linux-upgrade-glibc-langpack-kl oracle-linux-upgrade-glibc-langpack-km oracle-linux-upgrade-glibc-langpack-kn oracle-linux-upgrade-glibc-langpack-ko oracle-linux-upgrade-glibc-langpack-kok oracle-linux-upgrade-glibc-langpack-ks oracle-linux-upgrade-glibc-langpack-ku oracle-linux-upgrade-glibc-langpack-kw oracle-linux-upgrade-glibc-langpack-ky oracle-linux-upgrade-glibc-langpack-lb oracle-linux-upgrade-glibc-langpack-lg oracle-linux-upgrade-glibc-langpack-li oracle-linux-upgrade-glibc-langpack-lij oracle-linux-upgrade-glibc-langpack-ln oracle-linux-upgrade-glibc-langpack-lo oracle-linux-upgrade-glibc-langpack-lt oracle-linux-upgrade-glibc-langpack-lv oracle-linux-upgrade-glibc-langpack-lzh oracle-linux-upgrade-glibc-langpack-mag oracle-linux-upgrade-glibc-langpack-mai oracle-linux-upgrade-glibc-langpack-mfe oracle-linux-upgrade-glibc-langpack-mg oracle-linux-upgrade-glibc-langpack-mhr oracle-linux-upgrade-glibc-langpack-mi oracle-linux-upgrade-glibc-langpack-miq oracle-linux-upgrade-glibc-langpack-mjw oracle-linux-upgrade-glibc-langpack-mk oracle-linux-upgrade-glibc-langpack-ml oracle-linux-upgrade-glibc-langpack-mn oracle-linux-upgrade-glibc-langpack-mni oracle-linux-upgrade-glibc-langpack-mnw oracle-linux-upgrade-glibc-langpack-mr oracle-linux-upgrade-glibc-langpack-ms oracle-linux-upgrade-glibc-langpack-mt oracle-linux-upgrade-glibc-langpack-my oracle-linux-upgrade-glibc-langpack-nan oracle-linux-upgrade-glibc-langpack-nb oracle-linux-upgrade-glibc-langpack-nds oracle-linux-upgrade-glibc-langpack-ne oracle-linux-upgrade-glibc-langpack-nhn oracle-linux-upgrade-glibc-langpack-niu oracle-linux-upgrade-glibc-langpack-nl oracle-linux-upgrade-glibc-langpack-nn oracle-linux-upgrade-glibc-langpack-nr oracle-linux-upgrade-glibc-langpack-nso oracle-linux-upgrade-glibc-langpack-oc oracle-linux-upgrade-glibc-langpack-om oracle-linux-upgrade-glibc-langpack-or oracle-linux-upgrade-glibc-langpack-os oracle-linux-upgrade-glibc-langpack-pa oracle-linux-upgrade-glibc-langpack-pap oracle-linux-upgrade-glibc-langpack-pl oracle-linux-upgrade-glibc-langpack-ps oracle-linux-upgrade-glibc-langpack-pt oracle-linux-upgrade-glibc-langpack-quz oracle-linux-upgrade-glibc-langpack-raj oracle-linux-upgrade-glibc-langpack-ro oracle-linux-upgrade-glibc-langpack-ru oracle-linux-upgrade-glibc-langpack-rw oracle-linux-upgrade-glibc-langpack-sa oracle-linux-upgrade-glibc-langpack-sah oracle-linux-upgrade-glibc-langpack-sat oracle-linux-upgrade-glibc-langpack-sc oracle-linux-upgrade-glibc-langpack-sd oracle-linux-upgrade-glibc-langpack-se oracle-linux-upgrade-glibc-langpack-sgs oracle-linux-upgrade-glibc-langpack-shn oracle-linux-upgrade-glibc-langpack-shs oracle-linux-upgrade-glibc-langpack-si oracle-linux-upgrade-glibc-langpack-sid oracle-linux-upgrade-glibc-langpack-sk oracle-linux-upgrade-glibc-langpack-sl oracle-linux-upgrade-glibc-langpack-sm oracle-linux-upgrade-glibc-langpack-so oracle-linux-upgrade-glibc-langpack-sq oracle-linux-upgrade-glibc-langpack-sr oracle-linux-upgrade-glibc-langpack-ss oracle-linux-upgrade-glibc-langpack-st oracle-linux-upgrade-glibc-langpack-sv oracle-linux-upgrade-glibc-langpack-sw oracle-linux-upgrade-glibc-langpack-szl oracle-linux-upgrade-glibc-langpack-ta oracle-linux-upgrade-glibc-langpack-tcy oracle-linux-upgrade-glibc-langpack-te oracle-linux-upgrade-glibc-langpack-tg oracle-linux-upgrade-glibc-langpack-th oracle-linux-upgrade-glibc-langpack-the oracle-linux-upgrade-glibc-langpack-ti oracle-linux-upgrade-glibc-langpack-tig oracle-linux-upgrade-glibc-langpack-tk oracle-linux-upgrade-glibc-langpack-tl oracle-linux-upgrade-glibc-langpack-tn oracle-linux-upgrade-glibc-langpack-to oracle-linux-upgrade-glibc-langpack-tpi oracle-linux-upgrade-glibc-langpack-tr oracle-linux-upgrade-glibc-langpack-ts oracle-linux-upgrade-glibc-langpack-tt oracle-linux-upgrade-glibc-langpack-ug oracle-linux-upgrade-glibc-langpack-uk oracle-linux-upgrade-glibc-langpack-unm oracle-linux-upgrade-glibc-langpack-ur oracle-linux-upgrade-glibc-langpack-uz oracle-linux-upgrade-glibc-langpack-ve oracle-linux-upgrade-glibc-langpack-vi oracle-linux-upgrade-glibc-langpack-wa oracle-linux-upgrade-glibc-langpack-wae oracle-linux-upgrade-glibc-langpack-wal oracle-linux-upgrade-glibc-langpack-wo oracle-linux-upgrade-glibc-langpack-xh oracle-linux-upgrade-glibc-langpack-yi oracle-linux-upgrade-glibc-langpack-yo oracle-linux-upgrade-glibc-langpack-yue oracle-linux-upgrade-glibc-langpack-yuw oracle-linux-upgrade-glibc-langpack-zh oracle-linux-upgrade-glibc-langpack-zu oracle-linux-upgrade-glibc-locale-source oracle-linux-upgrade-glibc-minimal-langpack oracle-linux-upgrade-glibc-nss-devel oracle-linux-upgrade-glibc-static oracle-linux-upgrade-glibc-utils oracle-linux-upgrade-libnsl oracle-linux-upgrade-nscd oracle-linux-upgrade-nss-db oracle-linux-upgrade-nss-hesiod References https://attackerkb.com/topics/cve-2024-33600 CVE - 2024-33600 ELSA-2024-3344 ELSA-2024-12444 ELSA-2024-3588 ELSA-2024-12442 ELSA-2024-12440 ELSA-2024-12472 ELSA-2024-3339 View more

SUSE: CVE-2024-3651: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/24/2024 Created 04/25/2024 Added 04/25/2024 Modified 01/30/2025 Description A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size. Solution(s) suse-upgrade-python-idna suse-upgrade-python3-idna suse-upgrade-python311-idna References https://attackerkb.com/topics/cve-2024-3651 CVE - 2024-3651

Rocky Linux: CVE-2024-23271: webkit2gtk3 (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 04/24/2024 Created 11/05/2024 Added 11/04/2024 Modified 01/28/2025 Description A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior. Solution(s) rocky-upgrade-webkit2gtk3 rocky-upgrade-webkit2gtk3-debuginfo rocky-upgrade-webkit2gtk3-debugsource rocky-upgrade-webkit2gtk3-devel rocky-upgrade-webkit2gtk3-devel-debuginfo rocky-upgrade-webkit2gtk3-jsc rocky-upgrade-webkit2gtk3-jsc-debuginfo rocky-upgrade-webkit2gtk3-jsc-devel rocky-upgrade-webkit2gtk3-jsc-devel-debuginfo References https://attackerkb.com/topics/cve-2024-23271 CVE - 2024-23271 https://errata.rockylinux.org/RLSA-2024:8180 https://errata.rockylinux.org/RLSA-2024:9636

Oracle Linux: CVE-2024-26923: ELSA-2024-7000:kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 04/24/2024 Created 10/18/2024 Added 10/16/2024 Modified 01/07/2025 Description In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two consecutive passes of scan_children() may see a different set of children. Leading to an incorrectly elevated inflight count, and then a dangling pointer within the gc_inflight_list. sockets are AF_UNIX/SOCK_STREAM S is an unconnected socket L is a listening in-flight socket bound to addr, not in fdtable V&apos;s fd will be passed via sendmsg(), gets inflight count bumped connect(S, addr)sendmsg(S, [V]); close(V)__unix_gc() ---------------------------------------------------- NS = unix_create1() skb1 = sock_wmalloc(NS) L = unix_find_other(addr) unix_state_lock(L) unix_peer(S) = NS // V count=1 inflight=0 NS = unix_peer(S) skb2 = sock_alloc() skb_queue_tail(NS, skb2[V]) // V became in-flight // V count=2 inflight=1 close(V) // V count=1 inflight=1 // GC candidate condition met for u in gc_inflight_list: if (total_refs == inflight_refs) add u to gc_candidates // gc_candidates={L, V} for u in gc_candidates: scan_children(u, dec_inflight) // embryo (skb1) was not // reachable from L yet, so V&apos;s // inflight remains unchanged __skb_queue_tail(L, skb1) unix_state_unlock(L) for u in gc_candidates: if (u.inflight) scan_children(u, inc_inflight_move_tail) // V count=1 inflight=2 (!) If there is a GC-candidate listening socket, lock/unlock its state. This makes GC wait until the end of any ongoing connect() to that socket. After flipping the lock, a possibly SCM-laden embryo is already enqueued. And if there is another embryo coming, it can not possibly carry SCM_RIGHTS. At this point, unix_inflight() can not happen because unix_gc_lock is already taken. Inflight graph remains unaffected. A flaw was found in the Linux kernel, where the management of inter-process communication uses AF_UNIX sockets. The issue arises from a race condition where a partially initialized socket with specific permissions carrying SCM_RIGHTS is improperly handled during garbage collection. This situation leads to an incorrect count of active sockets, potentially causing resources to remain unaccounted for and never released. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2024-26923 CVE - 2024-26923 ELSA-2024-7000 ELSA-2024-8617

VMware Photon OS: CVE-2024-26924 Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 04/24/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern.Quoting Pablo: add_elem("00000000") timeout 100 ms ... add_elem("0000000X") timeout 100 ms del_elem("0000000X") <---------------- delete one that was just added ... add_elem("00005000") timeout 100 ms 1) nft_pipapo_remove() removes element 0000000X Then, KASAN shows a splat. Looking at the remove function there is a chance that we will drop a rule that maps to a non-deactivated element. Removal happens in two steps, first we do a lookup for key k and return the to-be-removed element and mark it as inactive in the next generation. Then, in a second step, the element gets removed from the set/map. The _remove function does not work correctly if we have more than one element that share the same key. This can happen if we insert an element into a set when the set already holds an element with same key, but the element mapping to the existing key has timed out or is not active in the next generation. In such case its possible that removal will unmap the wrong element. If this happens, we will leak the non-deactivated element, it becomes unreachable. The element that got deactivated (and will be freed later) will remain reachable in the set data structure, this can result in a crash when such an element is retrieved during lookup (stale pointer). Add a check that the fully matching key does in fact map to the element that we have marked as inactive in the deactivation step. If not, we need to continue searching. Add a bug/warn trap at the end of the function as well, the remove function must not ever be called with an invisible/unreachable/non-existent element. v2: avoid uneeded temporary variable (Stefano) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-26924 CVE - 2024-26924

VMware Photon OS: CVE-2024-26923 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 04/24/2024 Created 01/21/2025 Added 01/20/2025 Modified 01/20/2025 Description In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two consecutive passes of scan_children() may see a different set of children. Leading to an incorrectly elevated inflight count, and then a dangling pointer within the gc_inflight_list. sockets are AF_UNIX/SOCK_STREAM S is an unconnected socket L is a listening in-flight socket bound to addr, not in fdtable V's fd will be passed via sendmsg(), gets inflight count bumped connect(S, addr) sendmsg(S, [V]); close(V) __unix_gc() ---------------- ------------------------- ----------- NS = unix_create1() skb1 = sock_wmalloc(NS) L = unix_find_other(addr) unix_state_lock(L) unix_peer(S) = NS // V count=1 inflight=0 NS = unix_peer(S) skb2 = sock_alloc() skb_queue_tail(NS, skb2[V]) // V became in-flight // V count=2 inflight=1 close(V) // V count=1 inflight=1 // GC candidate condition met for u in gc_inflight_list: if (total_refs == inflight_refs) add u to gc_candidates // gc_candidates={L, V} for u in gc_candidates: scan_children(u, dec_inflight) // embryo (skb1) was not // reachable from L yet, so V's // inflight remains unchanged __skb_queue_tail(L, skb1) unix_state_unlock(L) for u in gc_candidates: if (u.inflight) scan_children(u, inc_inflight_move_tail) // V count=1 inflight=2 (!) If there is a GC-candidate listening socket, lock/unlock its state. This makes GC wait until the end of any ongoing connect() to that socket. After flipping the lock, a possibly SCM-laden embryo is already enqueued. And if there is another embryo coming, it can not possibly carry SCM_RIGHTS. At this point, unix_inflight() can not happen because unix_gc_lock is already taken. Inflight graph remains unaffected. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-26923 CVE - 2024-26923

Oracle Linux: CVE-2024-33601: ELSA-2024-3344:glibc security update (IMPORTANT) (Multiple Advisories) Severity 2 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:P) Published 04/24/2024 Created 06/01/2024 Added 05/30/2024 Modified 12/24/2024 Description nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon&apos;s (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients.The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure. Solution(s) oracle-linux-upgrade-compat-libpthread-nonshared oracle-linux-upgrade-glibc oracle-linux-upgrade-glibc-all-langpacks oracle-linux-upgrade-glibc-benchtests oracle-linux-upgrade-glibc-common oracle-linux-upgrade-glibc-devel oracle-linux-upgrade-glibc-doc oracle-linux-upgrade-glibc-gconv-extra oracle-linux-upgrade-glibc-headers oracle-linux-upgrade-glibc-langpack-aa oracle-linux-upgrade-glibc-langpack-af oracle-linux-upgrade-glibc-langpack-agr oracle-linux-upgrade-glibc-langpack-ak oracle-linux-upgrade-glibc-langpack-am oracle-linux-upgrade-glibc-langpack-an oracle-linux-upgrade-glibc-langpack-anp oracle-linux-upgrade-glibc-langpack-ar oracle-linux-upgrade-glibc-langpack-as oracle-linux-upgrade-glibc-langpack-ast oracle-linux-upgrade-glibc-langpack-ayc oracle-linux-upgrade-glibc-langpack-az oracle-linux-upgrade-glibc-langpack-be oracle-linux-upgrade-glibc-langpack-bem oracle-linux-upgrade-glibc-langpack-ber oracle-linux-upgrade-glibc-langpack-bg oracle-linux-upgrade-glibc-langpack-bhb oracle-linux-upgrade-glibc-langpack-bho oracle-linux-upgrade-glibc-langpack-bi oracle-linux-upgrade-glibc-langpack-bn oracle-linux-upgrade-glibc-langpack-bo oracle-linux-upgrade-glibc-langpack-br oracle-linux-upgrade-glibc-langpack-brx oracle-linux-upgrade-glibc-langpack-bs oracle-linux-upgrade-glibc-langpack-byn oracle-linux-upgrade-glibc-langpack-ca oracle-linux-upgrade-glibc-langpack-ce oracle-linux-upgrade-glibc-langpack-chr oracle-linux-upgrade-glibc-langpack-ckb oracle-linux-upgrade-glibc-langpack-cmn oracle-linux-upgrade-glibc-langpack-crh oracle-linux-upgrade-glibc-langpack-cs oracle-linux-upgrade-glibc-langpack-csb oracle-linux-upgrade-glibc-langpack-cv oracle-linux-upgrade-glibc-langpack-cy oracle-linux-upgrade-glibc-langpack-da oracle-linux-upgrade-glibc-langpack-de oracle-linux-upgrade-glibc-langpack-doi oracle-linux-upgrade-glibc-langpack-dsb oracle-linux-upgrade-glibc-langpack-dv oracle-linux-upgrade-glibc-langpack-dz oracle-linux-upgrade-glibc-langpack-el oracle-linux-upgrade-glibc-langpack-en oracle-linux-upgrade-glibc-langpack-eo oracle-linux-upgrade-glibc-langpack-es oracle-linux-upgrade-glibc-langpack-et oracle-linux-upgrade-glibc-langpack-eu oracle-linux-upgrade-glibc-langpack-fa oracle-linux-upgrade-glibc-langpack-ff oracle-linux-upgrade-glibc-langpack-fi oracle-linux-upgrade-glibc-langpack-fil oracle-linux-upgrade-glibc-langpack-fo oracle-linux-upgrade-glibc-langpack-fr oracle-linux-upgrade-glibc-langpack-fur oracle-linux-upgrade-glibc-langpack-fy oracle-linux-upgrade-glibc-langpack-ga oracle-linux-upgrade-glibc-langpack-gd oracle-linux-upgrade-glibc-langpack-gez oracle-linux-upgrade-glibc-langpack-gl oracle-linux-upgrade-glibc-langpack-gu oracle-linux-upgrade-glibc-langpack-gv oracle-linux-upgrade-glibc-langpack-ha oracle-linux-upgrade-glibc-langpack-hak oracle-linux-upgrade-glibc-langpack-he oracle-linux-upgrade-glibc-langpack-hi oracle-linux-upgrade-glibc-langpack-hif oracle-linux-upgrade-glibc-langpack-hne oracle-linux-upgrade-glibc-langpack-hr oracle-linux-upgrade-glibc-langpack-hsb oracle-linux-upgrade-glibc-langpack-ht oracle-linux-upgrade-glibc-langpack-hu oracle-linux-upgrade-glibc-langpack-hy oracle-linux-upgrade-glibc-langpack-ia oracle-linux-upgrade-glibc-langpack-id oracle-linux-upgrade-glibc-langpack-ig oracle-linux-upgrade-glibc-langpack-ik oracle-linux-upgrade-glibc-langpack-is oracle-linux-upgrade-glibc-langpack-it oracle-linux-upgrade-glibc-langpack-iu oracle-linux-upgrade-glibc-langpack-ja oracle-linux-upgrade-glibc-langpack-ka oracle-linux-upgrade-glibc-langpack-kab oracle-linux-upgrade-glibc-langpack-kk oracle-linux-upgrade-glibc-langpack-kl oracle-linux-upgrade-glibc-langpack-km oracle-linux-upgrade-glibc-langpack-kn oracle-linux-upgrade-glibc-langpack-ko oracle-linux-upgrade-glibc-langpack-kok oracle-linux-upgrade-glibc-langpack-ks oracle-linux-upgrade-glibc-langpack-ku oracle-linux-upgrade-glibc-langpack-kw oracle-linux-upgrade-glibc-langpack-ky oracle-linux-upgrade-glibc-langpack-lb oracle-linux-upgrade-glibc-langpack-lg oracle-linux-upgrade-glibc-langpack-li oracle-linux-upgrade-glibc-langpack-lij oracle-linux-upgrade-glibc-langpack-ln oracle-linux-upgrade-glibc-langpack-lo oracle-linux-upgrade-glibc-langpack-lt oracle-linux-upgrade-glibc-langpack-lv oracle-linux-upgrade-glibc-langpack-lzh oracle-linux-upgrade-glibc-langpack-mag oracle-linux-upgrade-glibc-langpack-mai oracle-linux-upgrade-glibc-langpack-mfe oracle-linux-upgrade-glibc-langpack-mg oracle-linux-upgrade-glibc-langpack-mhr oracle-linux-upgrade-glibc-langpack-mi oracle-linux-upgrade-glibc-langpack-miq oracle-linux-upgrade-glibc-langpack-mjw oracle-linux-upgrade-glibc-langpack-mk oracle-linux-upgrade-glibc-langpack-ml oracle-linux-upgrade-glibc-langpack-mn oracle-linux-upgrade-glibc-langpack-mni oracle-linux-upgrade-glibc-langpack-mnw oracle-linux-upgrade-glibc-langpack-mr oracle-linux-upgrade-glibc-langpack-ms oracle-linux-upgrade-glibc-langpack-mt oracle-linux-upgrade-glibc-langpack-my oracle-linux-upgrade-glibc-langpack-nan oracle-linux-upgrade-glibc-langpack-nb oracle-linux-upgrade-glibc-langpack-nds oracle-linux-upgrade-glibc-langpack-ne oracle-linux-upgrade-glibc-langpack-nhn oracle-linux-upgrade-glibc-langpack-niu oracle-linux-upgrade-glibc-langpack-nl oracle-linux-upgrade-glibc-langpack-nn oracle-linux-upgrade-glibc-langpack-nr oracle-linux-upgrade-glibc-langpack-nso oracle-linux-upgrade-glibc-langpack-oc oracle-linux-upgrade-glibc-langpack-om oracle-linux-upgrade-glibc-langpack-or oracle-linux-upgrade-glibc-langpack-os oracle-linux-upgrade-glibc-langpack-pa oracle-linux-upgrade-glibc-langpack-pap oracle-linux-upgrade-glibc-langpack-pl oracle-linux-upgrade-glibc-langpack-ps oracle-linux-upgrade-glibc-langpack-pt oracle-linux-upgrade-glibc-langpack-quz oracle-linux-upgrade-glibc-langpack-raj oracle-linux-upgrade-glibc-langpack-ro oracle-linux-upgrade-glibc-langpack-ru oracle-linux-upgrade-glibc-langpack-rw oracle-linux-upgrade-glibc-langpack-sa oracle-linux-upgrade-glibc-langpack-sah oracle-linux-upgrade-glibc-langpack-sat oracle-linux-upgrade-glibc-langpack-sc oracle-linux-upgrade-glibc-langpack-sd oracle-linux-upgrade-glibc-langpack-se oracle-linux-upgrade-glibc-langpack-sgs oracle-linux-upgrade-glibc-langpack-shn oracle-linux-upgrade-glibc-langpack-shs oracle-linux-upgrade-glibc-langpack-si oracle-linux-upgrade-glibc-langpack-sid oracle-linux-upgrade-glibc-langpack-sk oracle-linux-upgrade-glibc-langpack-sl oracle-linux-upgrade-glibc-langpack-sm oracle-linux-upgrade-glibc-langpack-so oracle-linux-upgrade-glibc-langpack-sq oracle-linux-upgrade-glibc-langpack-sr oracle-linux-upgrade-glibc-langpack-ss oracle-linux-upgrade-glibc-langpack-st oracle-linux-upgrade-glibc-langpack-sv oracle-linux-upgrade-glibc-langpack-sw oracle-linux-upgrade-glibc-langpack-szl oracle-linux-upgrade-glibc-langpack-ta oracle-linux-upgrade-glibc-langpack-tcy oracle-linux-upgrade-glibc-langpack-te oracle-linux-upgrade-glibc-langpack-tg oracle-linux-upgrade-glibc-langpack-th oracle-linux-upgrade-glibc-langpack-the oracle-linux-upgrade-glibc-langpack-ti oracle-linux-upgrade-glibc-langpack-tig oracle-linux-upgrade-glibc-langpack-tk oracle-linux-upgrade-glibc-langpack-tl oracle-linux-upgrade-glibc-langpack-tn oracle-linux-upgrade-glibc-langpack-to oracle-linux-upgrade-glibc-langpack-tpi oracle-linux-upgrade-glibc-langpack-tr oracle-linux-upgrade-glibc-langpack-ts oracle-linux-upgrade-glibc-langpack-tt oracle-linux-upgrade-glibc-langpack-ug oracle-linux-upgrade-glibc-langpack-uk oracle-linux-upgrade-glibc-langpack-unm oracle-linux-upgrade-glibc-langpack-ur oracle-linux-upgrade-glibc-langpack-uz oracle-linux-upgrade-glibc-langpack-ve oracle-linux-upgrade-glibc-langpack-vi oracle-linux-upgrade-glibc-langpack-wa oracle-linux-upgrade-glibc-langpack-wae oracle-linux-upgrade-glibc-langpack-wal oracle-linux-upgrade-glibc-langpack-wo oracle-linux-upgrade-glibc-langpack-xh oracle-linux-upgrade-glibc-langpack-yi oracle-linux-upgrade-glibc-langpack-yo oracle-linux-upgrade-glibc-langpack-yue oracle-linux-upgrade-glibc-langpack-yuw oracle-linux-upgrade-glibc-langpack-zh oracle-linux-upgrade-glibc-langpack-zu oracle-linux-upgrade-glibc-locale-source oracle-linux-upgrade-glibc-minimal-langpack oracle-linux-upgrade-glibc-nss-devel oracle-linux-upgrade-glibc-static oracle-linux-upgrade-glibc-utils oracle-linux-upgrade-libnsl oracle-linux-upgrade-nscd oracle-linux-upgrade-nss-db oracle-linux-upgrade-nss-hesiod References https://attackerkb.com/topics/cve-2024-33601 CVE - 2024-33601 ELSA-2024-3344 ELSA-2024-12444 ELSA-2024-3588 ELSA-2024-12442 ELSA-2024-12440 ELSA-2024-12472 ELSA-2024-3339 View more

Oracle Linux: CVE-2024-26925: ELSA-2024-5101:kernel security update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:S/C:C/I:C/A:C) Published 04/24/2024 Created 08/20/2024 Added 08/16/2024 Modified 12/06/2024 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence. nf_tables_module_autoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nft_gc_seq_end() is called. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2024-26925 CVE - 2024-26925 ELSA-2024-5101 ELSA-2024-5928

Cisco ASA: CVE-2024-20353: Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 04/24/2024 Created 04/25/2024 Added 04/25/2024 Modified 12/02/2024 Description A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads. Solution(s) cisco-asa-update-latest References https://attackerkb.com/topics/cve-2024-20353 CVE - 2024-20353 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2 cisco-sa-asaftd-websrvs-dos-X8gNucD2

Cisco ASA: CVE-2024-20359: Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:N) Published 04/24/2024 Created 04/25/2024 Added 04/25/2024 Modified 12/02/2024 Description A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High. Solution(s) cisco-asa-update-latest References https://attackerkb.com/topics/cve-2024-20359 CVE - 2024-20359 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h cisco-sa-asaftd-persist-rce-FLsNXF4h

Cisco FTD: CVE-2024-20358: Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:N) Published 04/24/2024 Created 02/07/2025 Added 01/29/2025 Modified 02/12/2025 Description A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability exists because the contents of a backup file are improperly sanitized at restore time. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as root. Solution(s) cisco-ftd-upgrade-latest References https://attackerkb.com/topics/cve-2024-20358 CVE - 2024-20358 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-cmd-inj-ZJV8Wysm cisco-sa-asaftd-cmd-inj-ZJV8Wysm

Cisco ASA: CVE-2024-20358: Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:N) Published 04/24/2024 Created 04/25/2024 Added 04/25/2024 Modified 12/02/2024 Description A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability exists because the contents of a backup file are improperly sanitized at restore time. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as root. Solution(s) cisco-asa-update-latest References https://attackerkb.com/topics/cve-2024-20358 CVE - 2024-20358 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-cmd-inj-ZJV8Wysm cisco-sa-asaftd-cmd-inj-ZJV8Wysm

Cisco FTD: CVE-2024-20359: Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability Severity 6 CVSS (AV:L/AC:L/Au:M/C:C/I:C/A:N) Published 04/24/2024 Created 02/07/2025 Added 01/29/2025 Modified 02/12/2025 Description A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a file when it is read from system flash memory. An attacker could exploit this vulnerability by copying a crafted file to the disk0: file system of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High. Solution(s) cisco-ftd-upgrade-latest References https://attackerkb.com/topics/cve-2024-20359 CVE - 2024-20359 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h cisco-sa-asaftd-persist-rce-FLsNXF4h