Daily Archives: April 12, 2024

News

Friday Squid Blogging: The Awfulness of Squid Fishing Boats

Read Time:11 Second

It’s a pretty awful story.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Read More

Advisories

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400)

Read Time:39 Second

What is the vulnerability/attack?
A critical unauthenticated remote code injection vulnerability in the PAN-OS GlobalProtect Gateway was discovered. This vulnerability tracked under CVE-2024-3400 has a CVSS rating of 10.0. The GlobalProtect Gateway provides security solution for roaming users by extending the same next-generation firewall-based policies. According to the vendor advisory, active exploitation is on-going.

What is the recommended Mitigation?

The vendor has released a threat prevention signature and is currently developing a hotfix releases of PAN-OS.

What FortiGuard Coverage is available?
As the situation is still developing; the FortiGuard team will update the threat signal and provide more information on related protections as they are released. FortiGuard Incident Response team can be engaged to help with any suspected compromise.

Read More

Advisories

unbound-1.19.3-1.fc41

Read Time:29 Second

FEDORA-2024-5f32029828

Packages in this update:

unbound-1.19.3-1.fc41

Update description:

Automatic update for unbound-1.19.3-1.fc41.

Changelog

* Fri Apr 12 2024 Petr Menšík <pemensik@redhat.com> – 1.19.3-1
– Update to 1.19.3 (rhbz#2268404)
– Fix CVE-2024-1931, Denial of service when trimming EDE text on positive
replies. (rhbz#2268419)
– Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672.
– Bug fixes
* Sat Mar 9 2024 Paul Wouters <paul.wouters@aiven.io> – 1.19.1-4
– Add spec file comment

Read More

Advisories

chromium-123.0.6312.122-1.fc38

Read Time:15 Second

FEDORA-2024-f94660c56d

Packages in this update:

chromium-123.0.6312.122-1.fc38

Update description:

update to 123.0.6312.122

* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn

Read More

Advisories

chromium-123.0.6312.122-1.fc40

Read Time:15 Second

FEDORA-2024-4d2d73ab31

Packages in this update:

chromium-123.0.6312.122-1.fc40

Update description:

update to 123.0.6312.122

* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn

Read More

Advisories

chromium-123.0.6312.122-1.fc39

Read Time:15 Second

FEDORA-2024-fe9a675a37

Packages in this update:

chromium-123.0.6312.122-1.fc39

Update description:

update to 123.0.6312.122

* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn

Read More

Advisories

A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution

Read Time:22 Second

A vulnerability has been discovered in PAN-OS that could allow for arbitrary code execution. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the root user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Read More