ISHACK AI BOT

OS X update for Safari Private Browsing (CVE-2024-23273) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23273 CVE - 2024-23273 https://support.apple.com/en-us/120895

OS X update for Sandbox (CVE-2024-23290) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access user-sensitive data. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23290 CVE - 2024-23290 https://support.apple.com/en-us/120895

OS X update for libxpc (CVE-2024-0258) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-0258 CVE - 2024-0258 https://support.apple.com/en-us/120895

OS X update for ExtensionKit (CVE-2024-23205) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to access sensitive user data. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23205 CVE - 2024-23205 https://support.apple.com/en-us/120895

OS X update for UIKit (CVE-2024-23246) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23246 CVE - 2024-23246 https://support.apple.com/en-us/120895

Alma Linux: CVE-2024-26630: Moderate: kernel security update (ALSA-2024-6567) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 11/05/2024 Added 11/04/2024 Modified 11/04/2024 Description In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags.However, we do not hold a reference to the folio before performing these actions, which means the folio can concurrently be released and reused as another folio/page/slab. Get around this altogether by just using xarray's existing machinery for the folio page offsets and dirty/writeback states. This changes behavior for tmpfs files to now always report zeroes in their dirty and writeback counters.This is okay as tmpfs doesn't follow conventional writeback cache behavior: its pages get "cleaned" during swapout, after which they're no longer resident etc. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv References https://attackerkb.com/topics/cve-2024-26630 CVE - 2024-26630 https://errata.almalinux.org/9/ALSA-2024-6567.html

Cisco IOS-XR: CVE-2024-20319: Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability Severity 3 CVSS (AV:A/AC:L/Au:N/C:N/I:P/A:N) Published 03/13/2024 Created 05/07/2024 Added 05/06/2024 Modified 11/04/2024 Description A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect UDP forwarding programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by attempting to perform an SNMP operation using broadcast as the destination address that could be processed by an affected device that is configured with an SNMP server. A successful exploit could allow the attacker to communicate to the device on the configured SNMP ports. Although an unauthenticated attacker could send UDP datagrams to the configured SNMP port, only an authenticated user can retrieve or modify data using SNMP requests. Solution(s) update-xros References https://attackerkb.com/topics/cve-2024-20319 CVE - 2024-20319 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uhv6ZDeF cisco-sa-snmp-uhv6ZDeF

OS X update for WebKit (CVE-2024-23263) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23263 CVE - 2024-23263 https://support.apple.com/en-us/120895

OS X update for AppleMobileFileIntegrity (CVE-2024-23233) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. Entitlements and privacy permissions granted to this app may be used by a malicious app. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23233 CVE - 2024-23233 https://support.apple.com/en-us/120895

OS X update for ColorSync (CVE-2024-23248) Severity 6 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:C) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23248 CVE - 2024-23248 https://support.apple.com/en-us/120895

OS X update for Image Capture (CVE-2024-23253) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/30/2025 Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to access a user's Photos Library. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23253 CVE - 2024-23253 https://support.apple.com/en-us/120895

Ubuntu: (CVE-2024-26630): linux-raspi-realtime vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags.However, we do not hold a reference to the folio before performing these actions, which means the folio can concurrently be released and reused as another folio/page/slab. Get around this altogether by just using xarray's existing machinery for the folio page offsets and dirty/writeback states. This changes behavior for tmpfs files to now always report zeroes in their dirty and writeback counters.This is okay as tmpfs doesn't follow conventional writeback cache behavior: its pages get "cleaned" during swapout, after which they're no longer resident etc. Solution(s) ubuntu-upgrade-linux-raspi-realtime References https://attackerkb.com/topics/cve-2024-26630 CVE - 2024-26630 https://git.kernel.org/linus/3a75cb05d53f4a6823a32deb078de1366954a804 https://git.kernel.org/stable/c/3a75cb05d53f4a6823a32deb078de1366954a804 https://git.kernel.org/stable/c/ba60fdf75e89ea762bb617be578dc47f27655117 https://git.kernel.org/stable/c/fe7e008e0ce728252e4ec652cceebcc62211657c https://www.cve.org/CVERecord?id=CVE-2024-26630

Alma Linux: CVE-2024-23672: Important: tomcat security and bug fix update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 05/29/2024 Added 05/29/2024 Modified 09/18/2024 Description Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. Solution(s) alma-upgrade-tomcat alma-upgrade-tomcat-admin-webapps alma-upgrade-tomcat-docs-webapp alma-upgrade-tomcat-el-3.0-api alma-upgrade-tomcat-jsp-2.3-api alma-upgrade-tomcat-lib alma-upgrade-tomcat-servlet-4.0-api alma-upgrade-tomcat-webapps References https://attackerkb.com/topics/cve-2024-23672 CVE - 2024-23672 https://errata.almalinux.org/8/ALSA-2024-3666.html https://errata.almalinux.org/9/ALSA-2024-3307.html

Alma Linux: CVE-2024-24549: Important: tomcat security and bug fix update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 05/29/2024 Added 05/29/2024 Modified 09/18/2024 Description Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. Solution(s) alma-upgrade-tomcat alma-upgrade-tomcat-admin-webapps alma-upgrade-tomcat-docs-webapp alma-upgrade-tomcat-el-3.0-api alma-upgrade-tomcat-jsp-2.3-api alma-upgrade-tomcat-lib alma-upgrade-tomcat-servlet-4.0-api alma-upgrade-tomcat-webapps References https://attackerkb.com/topics/cve-2024-24549 CVE - 2024-24549 https://errata.almalinux.org/8/ALSA-2024-3666.html https://errata.almalinux.org/9/ALSA-2024-3307.html

Ubuntu: USN-7106-1 (CVE-2024-23672): Tomcat vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/25/2024 Description Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. Solution(s) ubuntu-pro-upgrade-libtomcat9-java ubuntu-pro-upgrade-tomcat9 References https://attackerkb.com/topics/cve-2024-23672 CVE - 2024-23672 USN-7106-1 https://github.com/apache/tomcat/commit/0052b374684b613b0c849899b325ebe334ac6501 https://github.com/apache/tomcat/commit/52d6650e062d880704898d7d8c1b2b7a3efe8068 https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f https://ubuntu.com/security/notices/USN-7106-1 https://www.cve.org/CVERecord?id=CVE-2024-23672 View more

Amazon Linux AMI 2: CVE-2023-38575: Security patch for microcode_ctl (ALAS-2024-2491) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 03/18/2024 Description Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. Solution(s) amazon-linux-ami-2-upgrade-microcode_ctl amazon-linux-ami-2-upgrade-microcode_ctl-debuginfo References https://attackerkb.com/topics/cve-2023-38575 AL2/ALAS-2024-2491 CVE - 2023-38575

SUSE: CVE-2023-28746: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 03/15/2024 Added 03/14/2024 Modified 07/17/2024 Description Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-ec2 suse-upgrade-kernel-ec2-base suse-upgrade-kernel-ec2-devel suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-trace suse-upgrade-kernel-trace-base suse-upgrade-kernel-trace-devel suse-upgrade-kernel-xen suse-upgrade-kernel-xen-base suse-upgrade-kernel-xen-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt suse-upgrade-ucode-intel suse-upgrade-xen suse-upgrade-xen-devel suse-upgrade-xen-doc-html suse-upgrade-xen-libs suse-upgrade-xen-libs-32bit suse-upgrade-xen-tools suse-upgrade-xen-tools-domu suse-upgrade-xen-tools-xendomains-wait-disk References https://attackerkb.com/topics/cve-2023-28746 CVE - 2023-28746

Cisco IOS-XR: CVE-2024-20318: Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 03/13/2024 Created 03/15/2024 Added 03/14/2024 Modified 11/04/2024 Description A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of specific Ethernet frames that are received on line cards that have the Layer 2 services feature enabled. An attacker could exploit this vulnerability by sending specific Ethernet frames through an affected device. A successful exploit could allow the attacker to cause the ingress interface network processor to reset, resulting in a loss of traffic over the interfaces that are supported by the network processor. Multiple resets of the network processor would cause the line card to reset, resulting in a DoS condition. Solution(s) update-xros References https://attackerkb.com/topics/cve-2024-20318 CVE - 2024-20318 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrl2vpn-jesrU3fc cisco-sa-xrl2vpn-jesrU3fc

SUSE: CVE-2023-52608: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 03/13/2024 Created 04/18/2024 Added 04/18/2024 Modified 05/06/2024 Description In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a transaction which is still pending, the related payload is fetched too. When an SCMI command times out the channel ownership remains with the platform until eventually a late reply is received and, as a consequence, any further transmission attempt remains pending, waiting for the channel to be relinquished by the platform. Once that late reply is received the channel ownership is given back to the agent and any pending request is then allowed to proceed and overwrite the SMT area of the just delivered late reply; then the wait for the reply to the new request starts. It has been observed that the spurious IRQ related to the late reply can be wrongly associated with the freshly enqueued request: when that happens the SCMI stack in-flight lookup procedure is fooled by the fact that the message header now present in the SMT area is related to the new pending transaction, even though the real reply has still to arrive. This race-condition on the A2P channel can be detected by looking at the channel status bits: a genuine reply from the platform will have set the channel free bit before triggering the completion IRQ. Add a consistency check to validate such condition in the A2P ISR. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2023-52608 CVE - 2023-52608

Oracle Linux: CVE-2024-23672: ELSA-2024-3666:tomcat security and bug fix update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/13/2024 Created 05/28/2024 Added 05/24/2024 Modified 12/06/2024 Description Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server's performance may degrade significantly, resulting in potential service disruption or unresponsiveness. Solution(s) oracle-linux-upgrade-tomcat oracle-linux-upgrade-tomcat-admin-webapps oracle-linux-upgrade-tomcat-docs-webapp oracle-linux-upgrade-tomcat-el-3-0-api oracle-linux-upgrade-tomcat-jsp-2-3-api oracle-linux-upgrade-tomcat-lib oracle-linux-upgrade-tomcat-servlet-4-0-api oracle-linux-upgrade-tomcat-webapps References https://attackerkb.com/topics/cve-2024-23672 CVE - 2024-23672 ELSA-2024-3666 ELSA-2024-3307

Oracle Linux: CVE-2023-22655: ELSA-2024-9401:microcode_ctl security update (MODERATE) Severity 4 CVSS (AV:L/AC:H/Au:M/C:P/I:C/A:N) Published 03/12/2024 Created 11/23/2024 Added 11/21/2024 Modified 11/25/2024 Description Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. A vulnerability was found in the Intel Xeon Processor's microcode. This issue may allow a malicious actor to achieve local privilege escalation when using Intel SGX or Intel TDX features. Solution(s) oracle-linux-upgrade-microcode-ctl References https://attackerkb.com/topics/cve-2023-22655 CVE - 2023-22655 ELSA-2024-9401

OS X update for Accessibility (CVE-2024-23291) Severity 2 CVSS (AV:L/AC:M/Au:N/C:P/I:N/A:N) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A malicious app may be able to observe user data in log entries related to accessibility notifications. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23291 CVE - 2024-23291 https://support.apple.com/en-us/120895

OS X update for QuartzCore (CVE-2024-23294) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/13/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4. Processing malicious input may lead to code execution. Solution(s) apple-osx-upgrade-14_4 References https://attackerkb.com/topics/cve-2024-23294 CVE - 2024-23294 https://support.apple.com/en-us/120895

Huawei EulerOS: CVE-2023-44446: gstreamer-plugins-bad-free security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/12/2024 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299. Solution(s) huawei-euleros-2_0_sp8-upgrade-gstreamer-plugins-bad-free References https://attackerkb.com/topics/cve-2023-44446 CVE - 2023-44446 EulerOS-SA-2024-1272

Microsoft Windows: CVE-2024-21431: Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/12/2024 Created 03/13/2024 Added 03/12/2024 Modified 08/13/2024 Description Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-21h2-kb5035845 microsoft-windows-windows_10-22h2-kb5035845 microsoft-windows-windows_11-21h2-kb5035854 microsoft-windows-windows_11-22h2-kb5035853 microsoft-windows-windows_11-23h2-kb5035853 microsoft-windows-windows_server_2022-21h2-kb5035857 microsoft-windows-windows_server_2022-22h2-kb5035857 microsoft-windows-windows_server_2022-23h2-kb5035856 References https://attackerkb.com/topics/cve-2024-21431 CVE - 2024-21431 https://support.microsoft.com/help/5035845 https://support.microsoft.com/help/5035853 https://support.microsoft.com/help/5035854 https://support.microsoft.com/help/5035856 https://support.microsoft.com/help/5035857