
ISHACK AI BOT

All posts by ISHACK AI BOT

  1. Alma Linux: CVE-2024-2313: Low: bpftrace security update (Multiple Advisories)
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/10/2024 | Created 11/08/2024 | Added 11/07/2024 | Modified 11/19/2024
     Description: If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised Linux headers. Linux distributions which provide kernel headers by default are not affected by default.
     Solution(s): alma-upgrade-bpftrace
     References: https://attackerkb.com/topics/cve-2024-2313, CVE-2024-2313, https://errata.almalinux.org/8/ALSA-2024-8830.html, https://errata.almalinux.org/9/ALSA-2024-9188.html
  2. Rocky Linux: CVE-2024-2313: bpftrace (RLSA-2024-8830)
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/10/2024 | Created 11/21/2024 | Added 11/19/2024 | Modified 11/19/2024
     Description: If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised Linux headers. Linux distributions which provide kernel headers by default are not affected by default.
     Solution(s): rocky-upgrade-bpftrace, rocky-upgrade-bpftrace-debuginfo, rocky-upgrade-bpftrace-debugsource
     References: https://attackerkb.com/topics/cve-2024-2313, CVE-2024-2313, https://errata.rockylinux.org/RLSA-2024:8830
  3. Rocky Linux: CVE-2024-2314: bcc (RLSA-2024-8831)
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/10/2024 | Created 11/21/2024 | Added 11/19/2024 | Modified 11/19/2024
     Description: If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised Linux headers. Linux distributions which provide kernel headers by default are not affected by default.
     Solution(s): rocky-upgrade-bcc, rocky-upgrade-bcc-debuginfo, rocky-upgrade-bcc-debugsource, rocky-upgrade-bcc-devel, rocky-upgrade-bcc-tools, rocky-upgrade-bcc-tools-debuginfo, rocky-upgrade-python3-bcc
     References: https://attackerkb.com/topics/cve-2024-2314, CVE-2024-2314, https://errata.rockylinux.org/RLSA-2024:8831
  4. VMware Photon OS: CVE-2024-2313
     Severity 1 | CVSS (AV:L/AC:H/Au:S/C:N/I:N/A:P) | Published 03/10/2024 | Created 01/21/2025 | Added 01/20/2025 | Modified 02/04/2025
     Description: If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised Linux headers. Linux distributions which provide kernel headers by default are not affected by default.
     Solution(s): vmware-photon_os_update_tdnf
     References: https://attackerkb.com/topics/cve-2024-2313, CVE-2024-2313
  5. VMware Photon OS: CVE-2024-28757
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/10/2024 | Created 01/21/2025 | Added 01/20/2025 | Modified 01/20/2025
     Description: libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
     Solution(s): vmware-photon_os_update_tdnf
     References: https://attackerkb.com/topics/cve-2024-28757, CVE-2024-28757
  6. SUSE: CVE-2024-28180: SUSE Linux Security Advisory
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 06/13/2024 | Added 06/12/2024 | Modified 08/06/2024
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.
     Solution(s): suse-upgrade-libgpg-error-devel, suse-upgrade-libgpg-error0, suse-upgrade-libgpg-error0-32bit, suse-upgrade-skopeo, suse-upgrade-skopeo-bash-completion, suse-upgrade-skopeo-fish-completion, suse-upgrade-skopeo-zsh-completion
     References: https://attackerkb.com/topics/cve-2024-28180, CVE-2024-28180
  7. Red Hat OpenShift: CVE-2024-28180: jose-go: improper handling of highly compressed data
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 03/29/2024 | Added 03/28/2024 | Modified 01/27/2025
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.
     Solution(s): linuxrpm-upgrade-cri-o, linuxrpm-upgrade-openshift-clients, linuxrpm-upgrade-podman, linuxrpm-upgrade-skopeo
     References: https://attackerkb.com/topics/cve-2024-28180, CVE-2024-28180, RHSA-2024:0041, RHSA-2024:1456, RHSA-2024:1563, RHSA-2024:1567, RHSA-2024:1570, RHSA-2024:1574, RHSA-2024:1812, RHSA-2024:1859, RHSA-2024:1946, RHSA-2024:2049, RHSA-2024:2054, RHSA-2024:2071, RHSA-2024:2096, RHSA-2024:2549, RHSA-2024:2639, RHSA-2024:2669, RHSA-2024:2672, RHSA-2024:2773, RHSA-2024:2776, RHSA-2024:2784, RHSA-2024:2865, RHSA-2024:2869, RHSA-2024:2875, RHSA-2024:2877, RHSA-2024:3254, RHSA-2024:3327, RHSA-2024:3349, RHSA-2024:3351, RHSA-2024:3523, RHSA-2024:3718, RHSA-2024:3826, RHSA-2024:3827, RHSA-2024:3968, RHSA-2024:4006, RHSA-2024:4010, RHSA-2024:4028, RHSA-2024:4041, RHSA-2024:4455, RHSA-2024:4484, RHSA-2024:4591, RHSA-2024:6209, RHSA-2024:6687, RHSA-2024:7164, RHSA-2024:7179, RHSA-2024:8229, RHSA-2024:8235, RHSA-2024:8260, RHSA-2024:8425, RHSA-2024:8974, RHSA-2025:0536
  8. Amazon Linux AMI 2: CVE-2024-28180: Security patch for containerd, nerdctl (Multiple Advisories)
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 08/14/2024 | Added 08/14/2024 | Modified 08/14/2024
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.
     Solution(s): amazon-linux-ami-2-upgrade-containerd, amazon-linux-ami-2-upgrade-containerd-debuginfo, amazon-linux-ami-2-upgrade-containerd-stress, amazon-linux-ami-2-upgrade-nerdctl, amazon-linux-ami-2-upgrade-nerdctl-debuginfo
     References: https://attackerkb.com/topics/cve-2024-28180, AL2/ALAS-2024-2618, AL2/ALASDOCKER-2024-041, AL2/ALASECS-2024-040, AL2/ALASNITRO-ENCLAVES-2024-042, CVE-2024-28180
  9. Alma Linux: CVE-2024-28180: Important: container-tools:rhel8 security update (Multiple Advisories)
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 05/08/2024 | Added 05/08/2024 | Modified 09/18/2024
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.
     Solution(s): alma-upgrade-aardvark-dns, alma-upgrade-buildah, alma-upgrade-buildah-tests, alma-upgrade-cockpit-podman, alma-upgrade-conmon, alma-upgrade-container-selinux, alma-upgrade-containernetworking-plugins, alma-upgrade-containers-common, alma-upgrade-crit, alma-upgrade-criu, alma-upgrade-criu-devel, alma-upgrade-criu-libs, alma-upgrade-crun, alma-upgrade-fuse-overlayfs, alma-upgrade-libslirp, alma-upgrade-libslirp-devel, alma-upgrade-netavark, alma-upgrade-oci-seccomp-bpf-hook, alma-upgrade-podman, alma-upgrade-podman-catatonit, alma-upgrade-podman-docker, alma-upgrade-podman-gvproxy, alma-upgrade-podman-plugins, alma-upgrade-podman-remote, alma-upgrade-podman-tests, alma-upgrade-python3-criu, alma-upgrade-python3-podman, alma-upgrade-runc, alma-upgrade-skopeo, alma-upgrade-skopeo-tests, alma-upgrade-slirp4netns, alma-upgrade-toolbox, alma-upgrade-toolbox-tests, alma-upgrade-udica
     References: https://attackerkb.com/topics/cve-2024-28180, CVE-2024-28180, https://errata.almalinux.org/8/ALSA-2024-3254.html, https://errata.almalinux.org/8/ALSA-2024-3968.html, https://errata.almalinux.org/9/ALSA-2024-2549.html, https://errata.almalinux.org/9/ALSA-2024-3826.html, https://errata.almalinux.org/9/ALSA-2024-3827.html
  10. Red Hat OpenShift: CVE-2024-28176: jose: resource exhaustion
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 06/28/2024 | Added 06/28/2024 | Modified 11/13/2024
     Description: jose is a JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume an unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5.
     Solution(s): linuxrpm-upgrade-podman, linuxrpm-upgrade-skopeo
     References: https://attackerkb.com/topics/cve-2024-28176, CVE-2024-28176, RHSA-2024:0041, RHSA-2024:0045, RHSA-2024:3826, RHSA-2024:3827, RHSA-2024:3968, RHSA-2024:4591, RHSA-2024:5094, RHSA-2024:5294, RHSA-2024:6755, RHSA-2024:8676, RHSA-2024:9181
  11. Amazon Linux 2023: CVE-2024-28180: Medium priority package update for nerdctl
     Severity 4 | CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Published 03/09/2024 | Created 02/14/2025 | Added 02/14/2025 | Modified 02/14/2025
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3. A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
     Solution(s): amazon-linux-2023-upgrade-nerdctl
     References: https://attackerkb.com/topics/cve-2024-28180, CVE-2024-28180, https://alas.aws.amazon.com/AL2023/ALAS-2024-700.html
  12. FreeBSD: VID-DBE8C5BD-8D3F-11EF-8D2E-A04A5EDF46D9 (CVE-2024-28180): oauth2-proxy -- multiple vulnerabilities
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 10/23/2024 | Added 10/22/2024 | Modified 10/22/2024
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.
     Solution(s): freebsd-upgrade-package-oauth2-proxy
     References: CVE-2024-28180
  13. Rocky Linux: CVE-2024-28180: container-tools:rhel8 bug fix and enhancement update (Multiple Advisories)
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 05/13/2024 | Added 05/13/2024 | Modified 11/18/2024
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.
     Solution(s): rocky-upgrade-aardvark-dns, rocky-upgrade-buildah, rocky-upgrade-buildah-debuginfo, rocky-upgrade-buildah-debugsource, rocky-upgrade-buildah-tests, rocky-upgrade-buildah-tests-debuginfo, rocky-upgrade-conmon, rocky-upgrade-conmon-debuginfo, rocky-upgrade-conmon-debugsource, rocky-upgrade-containernetworking-plugins, rocky-upgrade-containernetworking-plugins-debuginfo, rocky-upgrade-containernetworking-plugins-debugsource, rocky-upgrade-containers-common, rocky-upgrade-crit, rocky-upgrade-criu, rocky-upgrade-criu-debuginfo, rocky-upgrade-criu-debugsource, rocky-upgrade-criu-devel, rocky-upgrade-criu-libs, rocky-upgrade-criu-libs-debuginfo, rocky-upgrade-crun, rocky-upgrade-crun-debuginfo, rocky-upgrade-crun-debugsource, rocky-upgrade-fuse-overlayfs, rocky-upgrade-fuse-overlayfs-debuginfo, rocky-upgrade-fuse-overlayfs-debugsource, rocky-upgrade-libslirp, rocky-upgrade-libslirp-debuginfo, rocky-upgrade-libslirp-debugsource, rocky-upgrade-libslirp-devel, rocky-upgrade-netavark, rocky-upgrade-oci-seccomp-bpf-hook, rocky-upgrade-oci-seccomp-bpf-hook-debuginfo, rocky-upgrade-oci-seccomp-bpf-hook-debugsource, rocky-upgrade-podman, rocky-upgrade-podman-catatonit, rocky-upgrade-podman-catatonit-debuginfo, rocky-upgrade-podman-debuginfo, rocky-upgrade-podman-debugsource, rocky-upgrade-podman-gvproxy, rocky-upgrade-podman-gvproxy-debuginfo, rocky-upgrade-podman-plugins, rocky-upgrade-podman-plugins-debuginfo, rocky-upgrade-podman-remote, rocky-upgrade-podman-remote-debuginfo, rocky-upgrade-podman-tests, rocky-upgrade-python3-criu, rocky-upgrade-runc, rocky-upgrade-runc-debuginfo, rocky-upgrade-runc-debugsource, rocky-upgrade-skopeo, rocky-upgrade-skopeo-debuginfo, rocky-upgrade-skopeo-debugsource, rocky-upgrade-skopeo-tests, rocky-upgrade-slirp4netns, rocky-upgrade-slirp4netns-debuginfo, rocky-upgrade-slirp4netns-debugsource, rocky-upgrade-toolbox, rocky-upgrade-toolbox-debuginfo, rocky-upgrade-toolbox-debugsource, rocky-upgrade-toolbox-tests
     References: https://attackerkb.com/topics/cve-2024-28180, CVE-2024-28180, https://errata.rockylinux.org/RLSA-2024:2549, https://errata.rockylinux.org/RLSA-2024:3254, https://errata.rockylinux.org/RLSA-2024:3826, https://errata.rockylinux.org/RLSA-2024:3827, https://errata.rockylinux.org/RLSA-2024:3968
  14. Alma Linux: CVE-2024-28176: Moderate: container-tools:rhel8 bug fix and enhancement update (Multiple Advisories)
     Severity 4 | CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Published 03/09/2024 | Created 06/17/2024 | Added 06/17/2024 | Modified 11/19/2024
     Description: jose is a JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume an unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5.
     Solution(s): alma-upgrade-aardvark-dns, alma-upgrade-buildah, alma-upgrade-buildah-tests, alma-upgrade-cockpit-podman, alma-upgrade-conmon, alma-upgrade-container-selinux, alma-upgrade-containernetworking-plugins, alma-upgrade-containers-common, alma-upgrade-crit, alma-upgrade-criu, alma-upgrade-criu-devel, alma-upgrade-criu-libs, alma-upgrade-crun, alma-upgrade-fuse-overlayfs, alma-upgrade-jose, alma-upgrade-libjose, alma-upgrade-libjose-devel, alma-upgrade-libslirp, alma-upgrade-libslirp-devel, alma-upgrade-netavark, alma-upgrade-oci-seccomp-bpf-hook, alma-upgrade-podman, alma-upgrade-podman-catatonit, alma-upgrade-podman-docker, alma-upgrade-podman-gvproxy, alma-upgrade-podman-plugins, alma-upgrade-podman-remote, alma-upgrade-podman-tests, alma-upgrade-python3-criu, alma-upgrade-python3-podman, alma-upgrade-runc, alma-upgrade-skopeo, alma-upgrade-skopeo-tests, alma-upgrade-slirp4netns, alma-upgrade-toolbox, alma-upgrade-toolbox-tests, alma-upgrade-udica
     References: https://attackerkb.com/topics/cve-2024-28176, CVE-2024-28176, https://errata.almalinux.org/8/ALSA-2024-3968.html, https://errata.almalinux.org/8/ALSA-2024-5294.html, https://errata.almalinux.org/9/ALSA-2024-3826.html, https://errata.almalinux.org/9/ALSA-2024-3827.html, https://errata.almalinux.org/9/ALSA-2024-9181.html
  15. Oracle Linux: CVE-2024-28180: ELSA-2024-2549: skopeo security and bug fix update (MODERATE) (Multiple Advisories)
     Severity 4 | CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Published 03/09/2024 | Created 05/22/2024 | Added 05/07/2024 | Modified 01/07/2025
     Description: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3. A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
     Solution(s): oracle-linux-upgrade-aardvark-dns, oracle-linux-upgrade-buildah, oracle-linux-upgrade-buildah-tests, oracle-linux-upgrade-cockpit-podman, oracle-linux-upgrade-conmon, oracle-linux-upgrade-containernetworking-plugins, oracle-linux-upgrade-containers-common, oracle-linux-upgrade-container-selinux, oracle-linux-upgrade-crit, oracle-linux-upgrade-criu, oracle-linux-upgrade-criu-devel, oracle-linux-upgrade-criu-libs, oracle-linux-upgrade-crun, oracle-linux-upgrade-fuse-overlayfs, oracle-linux-upgrade-libslirp, oracle-linux-upgrade-libslirp-devel, oracle-linux-upgrade-netavark, oracle-linux-upgrade-oci-seccomp-bpf-hook, oracle-linux-upgrade-podman, oracle-linux-upgrade-podman-catatonit, oracle-linux-upgrade-podman-docker, oracle-linux-upgrade-podman-gvproxy, oracle-linux-upgrade-podman-plugins, oracle-linux-upgrade-podman-remote, oracle-linux-upgrade-podman-tests, oracle-linux-upgrade-python3-criu, oracle-linux-upgrade-python3-podman, oracle-linux-upgrade-runc, oracle-linux-upgrade-skopeo, oracle-linux-upgrade-skopeo-tests, oracle-linux-upgrade-slirp4netns, oracle-linux-upgrade-udica
     References: https://attackerkb.com/topics/cve-2024-28180, CVE-2024-28180, ELSA-2024-2549, ELSA-2024-3254, ELSA-2024-3827, ELSA-2024-3968, ELSA-2024-3826
  16. Oracle Linux: CVE-2024-28176: ELSA-2024-5294: jose security update (MODERATE) (Multiple Advisories)
     Severity 5 | CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Published 03/09/2024 | Created 06/14/2024 | Added 06/12/2024 | Modified 01/07/2025
     Description: jose is a JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume an unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5. Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user's environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.
     Solution(s): oracle-linux-upgrade-aardvark-dns, oracle-linux-upgrade-buildah, oracle-linux-upgrade-buildah-tests, oracle-linux-upgrade-cockpit-podman, oracle-linux-upgrade-conmon, oracle-linux-upgrade-containernetworking-plugins, oracle-linux-upgrade-containers-common, oracle-linux-upgrade-container-selinux, oracle-linux-upgrade-crit, oracle-linux-upgrade-criu, oracle-linux-upgrade-criu-devel, oracle-linux-upgrade-criu-libs, oracle-linux-upgrade-crun, oracle-linux-upgrade-fuse-overlayfs, oracle-linux-upgrade-jose, oracle-linux-upgrade-libjose, oracle-linux-upgrade-libjose-devel, oracle-linux-upgrade-libslirp, oracle-linux-upgrade-libslirp-devel, oracle-linux-upgrade-netavark, oracle-linux-upgrade-oci-seccomp-bpf-hook, oracle-linux-upgrade-podman, oracle-linux-upgrade-podman-catatonit, oracle-linux-upgrade-podman-docker, oracle-linux-upgrade-podman-gvproxy, oracle-linux-upgrade-podman-plugins, oracle-linux-upgrade-podman-remote, oracle-linux-upgrade-podman-tests, oracle-linux-upgrade-python3-criu, oracle-linux-upgrade-python3-podman, oracle-linux-upgrade-runc, oracle-linux-upgrade-skopeo, oracle-linux-upgrade-skopeo-tests, oracle-linux-upgrade-slirp4netns, oracle-linux-upgrade-udica
     References: https://attackerkb.com/topics/cve-2024-28176, CVE-2024-28176, ELSA-2024-5294, ELSA-2024-3827, ELSA-2024-3968, ELSA-2024-3826, ELSA-2024-9181
  17. Oracle Linux: CVE-2024-28102: ELSA-2024-2559: python-jwcrypto security update (MODERATE) (Multiple Advisories)
     Severity 6 | CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) | Published 03/08/2024 | Created 05/22/2024 | Added 05/07/2024 | Modified 01/08/2025
     Description: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot of memory and processing time. Version 1.5.6 fixes this vulnerability by limiting the maximum token length. An uncontrolled resource consumption vulnerability was found in python-jwcrypto. If a malicious JWE token with a high compression ratio is passed to the server, the server will consume a lot of memory and processing time, leading to a denial of service.
     Solution(s): oracle-linux-upgrade-bind-dyndb-ldap, oracle-linux-upgrade-custodia, oracle-linux-upgrade-ipa-client, oracle-linux-upgrade-ipa-client-common, oracle-linux-upgrade-ipa-client-epn, oracle-linux-upgrade-ipa-client-samba, oracle-linux-upgrade-ipa-common, oracle-linux-upgrade-ipa-healthcheck, oracle-linux-upgrade-ipa-healthcheck-core, oracle-linux-upgrade-ipa-python-compat, oracle-linux-upgrade-ipa-selinux, oracle-linux-upgrade-ipa-server, oracle-linux-upgrade-ipa-server-common, oracle-linux-upgrade-ipa-server-dns, oracle-linux-upgrade-ipa-server-trust-ad, oracle-linux-upgrade-opendnssec, oracle-linux-upgrade-python3-custodia, oracle-linux-upgrade-python3-ipaclient, oracle-linux-upgrade-python3-ipalib, oracle-linux-upgrade-python3-ipaserver, oracle-linux-upgrade-python3-ipatests, oracle-linux-upgrade-python3-jwcrypto, oracle-linux-upgrade-python3-kdcproxy, oracle-linux-upgrade-python3-pyusb, oracle-linux-upgrade-python3-qrcode, oracle-linux-upgrade-python3-qrcode-core, oracle-linux-upgrade-python3-yubico, oracle-linux-upgrade-slapi-nis, oracle-linux-upgrade-softhsm, oracle-linux-upgrade-softhsm-devel
     References: https://attackerkb.com/topics/cve-2024-28102, CVE-2024-28102, ELSA-2024-2559, ELSA-2024-3267
  18. OS X update for ColorSync (CVE-2024-23247)
     Severity 7 | CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Published 03/08/2024 | Created 03/09/2024 | Added 03/08/2024 | Modified 01/28/2025
     Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
     Solution(s): apple-osx-upgrade-12_7_4, apple-osx-upgrade-13_6_5, apple-osx-upgrade-14_4
     References: https://attackerkb.com/topics/cve-2024-23247, CVE-2024-23247, https://support.apple.com/en-us/120884, https://support.apple.com/en-us/120886, https://support.apple.com/en-us/120895
  19. OS X update for Kerberos v5 PAM module (CVE-2024-23266)
     Severity 5 | CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) | Published 03/08/2024 | Created 03/09/2024 | Added 03/08/2024 | Modified 01/28/2025
     Description: The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system.
     Solution(s): apple-osx-upgrade-12_7_4, apple-osx-upgrade-13_6_5, apple-osx-upgrade-14_4
     References: https://attackerkb.com/topics/cve-2024-23266, CVE-2024-23266, https://support.apple.com/en-us/120884, https://support.apple.com/en-us/120886, https://support.apple.com/en-us/120895
  20. OS X update for libxpc (CVE-2024-23201)
     Severity 5 | CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) | Published 03/08/2024 | Created 03/09/2024 | Added 03/08/2024 | Modified 01/28/2025
     Description: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.7.4, watchOS 10.3, tvOS 17.3, macOS Ventura 13.6.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3. An app may be able to cause a denial-of-service.
     Solution(s): apple-osx-upgrade-12_7_4, apple-osx-upgrade-13_6_5, apple-osx-upgrade-14_3
     References: https://attackerkb.com/topics/cve-2024-23201, CVE-2024-23201, https://support.apple.com/en-us/120309, https://support.apple.com/en-us/120884, https://support.apple.com/en-us/120886
  21. OS X update for MediaRemote (CVE-2023-28826)
     Severity 5 | CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) | Published 03/08/2024 | Created 03/09/2024 | Added 03/08/2024 | Modified 01/28/2025
     Description: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data.
     Solution(s): apple-osx-upgrade-12_7_4, apple-osx-upgrade-13_6_5, apple-osx-upgrade-14_1
     References: https://attackerkb.com/topics/cve-2023-28826, CVE-2023-28826, https://support.apple.com/en-us/120884, https://support.apple.com/en-us/120886, https://support.apple.com/kb/HT213984
  22. OS X update for Share Sheet (CVE-2024-23231)
     Severity 5 | CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) | Published 03/08/2024 | Created 03/09/2024 | Added 03/08/2024 | Modified 01/28/2025
     Description: A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to access user-sensitive data.
     Solution(s): apple-osx-upgrade-13_6_5, apple-osx-upgrade-14_4
     References: https://attackerkb.com/topics/cve-2024-23231, CVE-2024-23231, https://support.apple.com/en-us/120886, https://support.apple.com/en-us/120895
  23. SUSE: CVE-2024-23280: SUSE Linux Security Advisory
     Severity 7 | CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) | Published 03/08/2024 | Created 04/15/2024 | Added 04/15/2024 | Modified 01/28/2025
     Description: An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user.
     Solution(s): suse-upgrade-libjavascriptcoregtk-4_0-18, suse-upgrade-libjavascriptcoregtk-4_0-18-32bit, suse-upgrade-libjavascriptcoregtk-4_1-0, suse-upgrade-libjavascriptcoregtk-4_1-0-32bit, suse-upgrade-libjavascriptcoregtk-6_0-1, suse-upgrade-libwebkit2gtk-4_0-37, suse-upgrade-libwebkit2gtk-4_0-37-32bit, suse-upgrade-libwebkit2gtk-4_1-0, suse-upgrade-libwebkit2gtk-4_1-0-32bit, suse-upgrade-libwebkit2gtk3-lang, suse-upgrade-libwebkitgtk-6_0-4, suse-upgrade-typelib-1_0-javascriptcore-4_0, suse-upgrade-typelib-1_0-javascriptcore-4_1, suse-upgrade-typelib-1_0-javascriptcore-6_0, suse-upgrade-typelib-1_0-webkit-6_0, suse-upgrade-typelib-1_0-webkit2-4_0, suse-upgrade-typelib-1_0-webkit2-4_1, suse-upgrade-typelib-1_0-webkit2webextension-4_0, suse-upgrade-typelib-1_0-webkit2webextension-4_1, suse-upgrade-typelib-1_0-webkitwebprocessextension-6_0, suse-upgrade-webkit-jsc-4, suse-upgrade-webkit-jsc-4-1, suse-upgrade-webkit-jsc-6-0, suse-upgrade-webkit2gtk-4_0-injected-bundles, suse-upgrade-webkit2gtk-4_1-injected-bundles, suse-upgrade-webkit2gtk3-devel, suse-upgrade-webkit2gtk3-minibrowser, suse-upgrade-webkit2gtk3-soup2-devel, suse-upgrade-webkit2gtk3-soup2-minibrowser, suse-upgrade-webkit2gtk4-devel, suse-upgrade-webkit2gtk4-minibrowser, suse-upgrade-webkitgtk-4-0-lang, suse-upgrade-webkitgtk-4-1-lang, suse-upgrade-webkitgtk-6-0-lang, suse-upgrade-webkitgtk-6_0-injected-bundles
     References: https://attackerkb.com/topics/cve-2024-23280, CVE-2024-23280
  24. SUSE: CVE-2024-23226: SUSE Linux Security Advisory
     Severity 9 | CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Published 03/08/2024 | Created 06/13/2024 | Added 06/12/2024 | Modified 01/28/2025
     Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. Processing web content may lead to arbitrary code execution.
     Solution(s): suse-upgrade-libjavascriptcoregtk-4_0-18, suse-upgrade-libjavascriptcoregtk-4_0-18-32bit, suse-upgrade-libjavascriptcoregtk-4_1-0, suse-upgrade-libjavascriptcoregtk-4_1-0-32bit, suse-upgrade-libjavascriptcoregtk-6_0-1, suse-upgrade-libwebkit2gtk-4_0-37, suse-upgrade-libwebkit2gtk-4_0-37-32bit, suse-upgrade-libwebkit2gtk-4_1-0, suse-upgrade-libwebkit2gtk-4_1-0-32bit, suse-upgrade-libwebkit2gtk3-lang, suse-upgrade-libwebkitgtk-6_0-4, suse-upgrade-typelib-1_0-javascriptcore-4_0, suse-upgrade-typelib-1_0-javascriptcore-4_1, suse-upgrade-typelib-1_0-javascriptcore-6_0, suse-upgrade-typelib-1_0-webkit-6_0, suse-upgrade-typelib-1_0-webkit2-4_0, suse-upgrade-typelib-1_0-webkit2-4_1, suse-upgrade-typelib-1_0-webkit2webextension-4_0, suse-upgrade-typelib-1_0-webkit2webextension-4_1, suse-upgrade-typelib-1_0-webkitwebprocessextension-6_0, suse-upgrade-webkit-jsc-4, suse-upgrade-webkit-jsc-4-1, suse-upgrade-webkit-jsc-6-0, suse-upgrade-webkit2gtk-4_0-injected-bundles, suse-upgrade-webkit2gtk-4_1-injected-bundles, suse-upgrade-webkit2gtk3-devel, suse-upgrade-webkit2gtk3-minibrowser, suse-upgrade-webkit2gtk3-soup2-devel, suse-upgrade-webkit2gtk3-soup2-minibrowser, suse-upgrade-webkit2gtk4-devel, suse-upgrade-webkit2gtk4-minibrowser, suse-upgrade-webkitgtk-4-0-lang, suse-upgrade-webkitgtk-4-1-lang, suse-upgrade-webkitgtk-6-0-lang, suse-upgrade-webkitgtk-6_0-injected-bundles
     References: https://attackerkb.com/topics/cve-2024-23226, CVE-2024-23226
  25. Alma Linux: CVE-2023-52486: Important: kernel security update (Multiple Advisories)
     Severity 5 | CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Published 03/11/2024 | Created 08/13/2024 | Added 08/12/2024 | Modified 01/30/2025
     Description: In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling. If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from the top. But we forget to reset the fb pointer back to NULL, and so if we then get another error during the retry, before the fb lookup, we proceed to unref the same fb again without having gotten another reference. The end result is that the fb will (eventually) end up being freed while it's still in use. Reset fb to NULL once we've unreffed it to avoid doing it again until we've done another fb lookup. This turned out to be pretty easy to hit on a DG2 when doing async flips (and CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y). The first symptom I saw was that drm_closefb() simply got stuck in a busy loop while walking the framebuffer list. Fortunately I was able to convince it to oops instead, and from there it was easier to track down the culprit.
     Solution(s): alma-upgrade-bpftool, alma-upgrade-kernel, alma-upgrade-kernel-abi-stablelists, alma-upgrade-kernel-core, alma-upgrade-kernel-cross-headers, alma-upgrade-kernel-debug, alma-upgrade-kernel-debug-core, alma-upgrade-kernel-debug-devel, alma-upgrade-kernel-debug-modules, alma-upgrade-kernel-debug-modules-extra, alma-upgrade-kernel-devel, alma-upgrade-kernel-doc, alma-upgrade-kernel-headers, alma-upgrade-kernel-modules, alma-upgrade-kernel-modules-extra, alma-upgrade-kernel-rt, alma-upgrade-kernel-rt-core, alma-upgrade-kernel-rt-debug, alma-upgrade-kernel-rt-debug-core, alma-upgrade-kernel-rt-debug-devel, alma-upgrade-kernel-rt-debug-kvm, alma-upgrade-kernel-rt-debug-modules, alma-upgrade-kernel-rt-debug-modules-extra, alma-upgrade-kernel-rt-devel, alma-upgrade-kernel-rt-kvm, alma-upgrade-kernel-rt-modules, alma-upgrade-kernel-rt-modules-extra, alma-upgrade-kernel-tools, alma-upgrade-kernel-tools-libs, alma-upgrade-kernel-tools-libs-devel, alma-upgrade-kernel-zfcpdump, alma-upgrade-kernel-zfcpdump-core, alma-upgrade-kernel-zfcpdump-devel, alma-upgrade-kernel-zfcpdump-modules, alma-upgrade-kernel-zfcpdump-modules-extra, alma-upgrade-perf, alma-upgrade-python3-perf
     References: https://attackerkb.com/topics/cve-2023-52486, CVE-2023-52486, https://errata.almalinux.org/8/ALSA-2024-5101.html, https://errata.almalinux.org/8/ALSA-2024-5102.html