389-ds-base-3.0.4-2.fc40

Read Time:25 Second

FEDORA-2024-ac07913be8

Packages in this update:

389-ds-base-3.0.4-2.fc40

Update description:

Changelog

* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 3.0.4-2
– Replace lmdb with lmdb-libs in Requires

* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 3.0.4-1
– Update to 3.0.4
– Resolves: CVE-2024-1062 (rhbz#2261884)
– Resolves: CVE-2024-2199 (rhbz#2283632)
– Resolves: CVE-2024-3657 (rhbz#2283631)
– Resolves: CVE-2024-5953 (rhbz#2292109)

Read More

389-ds-base-3.1.1-1.fc41

Read Time:22 Second

FEDORA-2024-48c0a7fa73

Packages in this update:

389-ds-base-3.1.1-1.fc41

Update description:

Automatic update for 389-ds-base-3.1.1-1.fc41.

Changelog

* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 3.1.1-1
– Update to 3.1.1
– Resolves: CVE-2024-1062 (rhbz#2261884)
– Resolves: CVE-2024-2199 (rhbz#2283632)
– Resolves: CVE-2024-3657 (rhbz#2283631)
– Resolves: CVE-2024-5953 (rhbz#2292109)

Read More

USN-6927-1: Linux kernel vulnerabilities

Read Time:4 Minute, 40 Second

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)

Gui-Dong Han discovered that the software RAID driver in the Linux kernel
contained a race condition, leading to an integer overflow vulnerability. A
privileged attacker could possibly use this to cause a denial of service
(system crash). (CVE-2024-23307)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.
(CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in
the Linux kernel contained a race condition, leading to an integer overflow
vulnerability. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2024-24861)

Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device
volume management subsystem did not properly validate logical eraseblock
sizes in certain situations. An attacker could possibly use this to cause a
denial of service (system crash). (CVE-2024-25739)

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde
discovered that an untrusted hypervisor could inject malicious #VC
interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw
is known as WeSee. A local attacker in control of the hypervisor could use
this to expose sensitive information or possibly execute arbitrary code in
the trusted execution environment. (CVE-2024-25742)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– RISC-V architecture;
– x86 architecture;
– Block layer subsystem;
– Accessibility subsystem;
– Android drivers;
– Bluetooth drivers;
– Clock framework and drivers;
– Data acquisition framework and drivers;
– Cryptographic API;
– DMA engine subsystem;
– GPU drivers;
– HID subsystem;
– I2C subsystem;
– IRQ chip drivers;
– Multiple devices driver;
– VMware VMCI Driver;
– MMC subsystem;
– Network drivers;
– Device tree and open firmware driver;
– PCI subsystem;
– S/390 drivers;
– SCSI drivers;
– Freescale SoC drivers;
– Trusted Execution Environment drivers;
– TTY drivers;
– USB subsystem;
– VFIO drivers;
– Framebuffer layer;
– Xen hypervisor drivers;
– File systems infrastructure;
– BTRFS file system;
– Ext4 file system;
– FAT file system;
– Network file system client;
– Network file system server daemon;
– NILFS2 file system;
– Pstore file system;
– SMB network file system;
– UBI file system;
– Netfilter;
– BPF subsystem;
– Core kernel;
– PCI iomap interfaces;
– Memory management;
– B.A.T.M.A.N. meshing protocol;
– Bluetooth subsystem;
– Ethernet bridge;
– Networking core;
– Distributed Switch Architecture;
– IPv4 networking;
– IPv6 networking;
– MAC80211 subsystem;
– IEEE 802.15.4 subsystem;
– NFC subsystem;
– Open vSwitch;
– RDS protocol;
– Network traffic control;
– SMC sockets;
– Unix domain sockets;
– eXpress Data Path;
– ALSA SH drivers;
– KVM core;
(CVE-2024-35902, CVE-2024-35958, CVE-2024-35978, CVE-2024-35886,
CVE-2024-35807, CVE-2024-26994, CVE-2024-36004, CVE-2024-35955,
CVE-2024-26925, CVE-2024-27059, CVE-2024-35989, CVE-2024-35940,
CVE-2024-26952, CVE-2024-35907, CVE-2024-35819, CVE-2024-35872,
CVE-2024-36016, CVE-2023-52488, CVE-2024-35884, CVE-2024-26886,
CVE-2024-27018, CVE-2024-35905, CVE-2024-35897, CVE-2024-26929,
CVE-2024-36007, CVE-2024-35855, CVE-2024-35885, CVE-2024-26965,
CVE-2024-35896, CVE-2024-36029, CVE-2024-35813, CVE-2024-26811,
CVE-2024-26923, CVE-2024-26961, CVE-2024-26958, CVE-2024-35997,
CVE-2024-35809, CVE-2024-27396, CVE-2023-52880, CVE-2024-26966,
CVE-2024-27017, CVE-2024-26812, CVE-2024-35960, CVE-2024-35805,
CVE-2024-35982, CVE-2024-35976, CVE-2024-35888, CVE-2024-26955,
CVE-2024-27019, CVE-2024-35970, CVE-2024-35984, CVE-2024-27393,
CVE-2024-26977, CVE-2024-27000, CVE-2024-35918, CVE-2024-26937,
CVE-2024-35785, CVE-2024-35933, CVE-2024-26973, CVE-2022-48808,
CVE-2024-35922, CVE-2024-35915, CVE-2024-35806, CVE-2024-26976,
CVE-2024-26934, CVE-2024-26981, CVE-2024-36005, CVE-2024-26935,
CVE-2024-26960, CVE-2024-26642, CVE-2024-27395, CVE-2024-35900,
CVE-2024-26814, CVE-2024-26922, CVE-2024-35804, CVE-2024-26957,
CVE-2024-35930, CVE-2023-52699, CVE-2024-36020, CVE-2024-35796,
CVE-2024-35934, CVE-2024-26931, CVE-2024-35899, CVE-2024-27004,
CVE-2024-35853, CVE-2024-35871, CVE-2024-26984, CVE-2024-35925,
CVE-2024-35969, CVE-2024-35789, CVE-2024-35879, CVE-2024-36006,
CVE-2024-26813, CVE-2024-35988, CVE-2024-36008, CVE-2024-35910,
CVE-2024-35791, CVE-2024-26974, CVE-2024-26993, CVE-2024-35849,
CVE-2024-26926, CVE-2024-35877, CVE-2024-26989, CVE-2024-35935,
CVE-2024-26817, CVE-2024-35912, CVE-2024-27013, CVE-2024-35973,
CVE-2024-35890, CVE-2024-35823, CVE-2024-35822, CVE-2024-27015,
CVE-2024-35944, CVE-2024-35821, CVE-2024-26687, CVE-2024-27009,
CVE-2024-35895, CVE-2024-35852, CVE-2024-35893, CVE-2024-26810,
CVE-2024-26950, CVE-2024-35817, CVE-2024-26996, CVE-2024-27020,
CVE-2024-35990, CVE-2024-26956, CVE-2024-27001, CVE-2024-26988,
CVE-2024-26629, CVE-2024-26654, CVE-2024-35851, CVE-2024-27437,
CVE-2024-35854, CVE-2024-35857, CVE-2024-26964, CVE-2024-35847,
CVE-2024-35936, CVE-2023-52752, CVE-2024-36025, CVE-2024-26924,
CVE-2024-26643, CVE-2024-26969, CVE-2024-35950, CVE-2024-35825,
CVE-2024-27016, CVE-2024-35938, CVE-2024-26999, CVE-2024-35898,
CVE-2024-26828, CVE-2024-35815, CVE-2024-26970, CVE-2024-26951,
CVE-2024-27008)

Read More

chromium-127.0.6533.72-1.el9

Read Time:47 Second

FEDORA-EPEL-2024-862b797b08

Packages in this update:

chromium-127.0.6533.72-1.el9

Update description:

update to 127.0.6533.72

* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input in Safe

Read More

chromium-127.0.6533.72-1.fc39

Read Time:46 Second

FEDORA-2024-f2e57b108e

Packages in this update:

chromium-127.0.6533.72-1.fc39

Update description:

update to 127.0.6533.72

* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input in Safe

Read More

chromium-127.0.6533.72-1.el8

Read Time:47 Second

FEDORA-EPEL-2024-08de4453df

Packages in this update:

chromium-127.0.6533.72-1.el8

Update description:

update to 127.0.6533.72

* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input in Safe

Read More

chromium-127.0.6533.72-1.fc40

Read Time:46 Second

FEDORA-2024-1b52220975

Packages in this update:

chromium-127.0.6533.72-1.fc40

Update description:

update to 127.0.6533.72

* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input in Safe

Read More

Providing Security Updates to Automobile Software

Read Time:2 Minute, 6 Second

Auto manufacturers are just starting to realize the problems of supporting the software in older models:

Today’s phones are able to receive updates six to eight years after their purchase date. Samsung and Google provide Android OS updates and security updates for seven years. Apple halts servicing products seven years after they stop selling them.

That might not cut it in the auto world, where the average age of cars on US roads is only going up. A recent report found that cars and trucks just reached a new record average age of 12.6 years, up two months from 2023. That means the car software hitting the road today needs to work­—and maybe even improve—­beyond 2036. The average length of smartphone ownership is just 2.8 years.

I wrote about this in 2018, in Click Here to Kill Everything, talking about patching as a security mechanism:

This won’t work with more durable goods. We might buy a new DVR every 5 or 10 years, and a refrigerator every 25 years. We drive a car we buy today for a decade, sell it to someone else who drives it for another decade, and that person sells it to someone who ships it to a Third World country, where it’s resold yet again and driven for yet another decade or two. Go try to boot up a 1978 Commodore PET computer, or try to run that year’s VisiCalc, and see what happens; we simply don’t know how to maintain 40-year-old [consumer] software.

Consider a car company. It might sell a dozen different types of cars with a dozen different software builds each year. Even assuming that the software gets updated only every two years and the company supports the cars for only two decades, the company needs to maintain the capability to update 20 to 30 different software versions. (For a company like Bosch that supplies automotive parts for many different manufacturers, the number would be more like 200.) The expense and warehouse size for the test vehicles and associated equipment would be enormous. Alternatively, imagine if car companies announced that they would no longer support vehicles older than five, or ten, years. There would be serious environmental consequences.

We really don’t have a good solution here. Agile updates is how we maintain security in a world where new vulnerabilities arise all the time, and we don’t have the economic incentive to secure things properly from the start.

Read More

USN-6923-2: Linux kernel vulnerabilities

Read Time:34 Second

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde
discovered that an untrusted hypervisor could inject malicious #VC
interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw
is known as WeSee. A local attacker in control of the hypervisor could use
this to expose sensitive information or possibly execute arbitrary code in
the trusted execution environment. (CVE-2024-25742)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– TTY drivers;
– SMB network file system;
– Netfilter;
– Bluetooth subsystem;
(CVE-2024-26886, CVE-2023-52752, CVE-2024-36016, CVE-2024-26952,
CVE-2024-27017)

Read More