Category Archives: Advisories

Critical Patches Issued for Microsoft Products, December 10, 2024

Read Time:24 Second

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

Read Time:28 Second

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

USN-7148-1: Linux kernel vulnerabilities

Read Time:1 Minute, 14 Second

Lyu Tao discovered that the NFS implementation in the Linux kernel did not
properly handle requests to open a directory on a regular file. A local
attacker could use this to expose sensitive information (kernel memory).

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– x86 architecture;
– ATM drivers;
– Device frequency scaling framework;
– GPU drivers;
– Hardware monitoring drivers;
– VMware VMCI Driver;
– MTD block device drivers;
– Network drivers;
– Device tree and open firmware driver;
– SCSI subsystem;
– USB Serial drivers;
– BTRFS file system;
– File systems infrastructure;
– F2FS file system;
– JFS file system;
– NILFS2 file system;
– Netfilter;
– Memory management;
– Ethernet bridge;
– IPv6 networking;
– Logical Link layer;
– MAC80211 subsystem;
– NFC subsystem;
– Network traffic control;
(CVE-2021-47055, CVE-2024-26675, CVE-2024-42244, CVE-2024-46743,
CVE-2024-41095, CVE-2024-46756, CVE-2024-46723, CVE-2024-46759,
CVE-2024-35877, CVE-2024-38538, CVE-2024-26668, CVE-2024-44998,
CVE-2024-42309, CVE-2024-46758, CVE-2024-46800, CVE-2022-48733,
CVE-2023-52531, CVE-2023-52599, CVE-2024-46722, CVE-2024-42240,
CVE-2024-44987, CVE-2023-52502, CVE-2023-52578, CVE-2024-41059,
CVE-2024-41071, CVE-2024-44942, CVE-2024-46738, CVE-2022-48943,
CVE-2023-52614, CVE-2024-27397, CVE-2024-38560, CVE-2024-43882,
CVE-2024-42104, CVE-2024-46757, CVE-2024-26636, CVE-2024-26633,
CVE-2024-41089, CVE-2024-42310, CVE-2022-48938)

Read More

USN-7147-1: Apache Shiro vulnerabilities

Read Time:42 Second

It was discovered that Apache Shiro incorrectly handled path traversal when
used with other web frameworks or path rewriting. An attacker could
possibly use this issue to obtain sensitive information or administrative
privileges. This update provides the corresponding fix for Ubuntu 24.04 LTS
and Ubuntu 24.10. (CVE-2023-34478, CVE-2023-46749)

It was discovered that Apache Shiro incorrectly handled web redirects when
used together with the form authentication method. An attacker could
possibly use this issue to perform phishing attacks. This update provides
the corresponding fix for Ubuntu 24.04 LTS and Ubuntu 24.10.
(CVE-2023-46750)

It was discovered that Apache Shiro incorrectly handled requests through
servlet filtering. An attacker could possibly use this issue to obtain
administrative privileges. This update provides the corresponding fix for
Ubuntu 16.04 LTS. (CVE-2016-6802)

Read More

gh-2.63.2-1.fc42

Read Time:18 Second

FEDORA-2024-378ed6dffe

Packages in this update:

gh-2.63.2-1.fc42

Update description:

Automatic update for gh-2.63.2-1.fc42.

Changelog

* Tue Dec 10 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> – 2.63.2-1
– Update to 2.63.2 – Closes rhbz#2273304 rhbz#2292682 rhbz#2322519
rhbz#2329265 rhbz#2330387 rhbz#2330388

Read More

python3.13-3.13.1-2.fc42

Read Time:24 Second

FEDORA-2024-0c29724c11

Packages in this update:

python3.13-3.13.1-2.fc42

Update description:

Automatic update for python3.13-3.13.1-2.fc42.

Changelog

* Mon Dec 9 2024 Miro Hrončok <mhroncok@redhat.com> – 3.13.1-2
– Security fix for CVE-2024-12254
– Fixes: rhbz#2330927
* Tue Dec 3 2024 Charalampos Stratakis <cstratak@redhat.com> – 3.13.1-1
– Update to 3.13.1
– Security fix for CVE-2024-9287
– Fixes: rhbz#2321657

Read More

USN-7146-1: Dogtag PKI vulnerabilities

Read Time:38 Second

Christina Fu discovered that Dogtag PKI accidentally enabled a mock
authentication plugin by default. An attacker could potentially use
this flaw to bypass the regular authentication process and trick the
CA server into issuing certificates. This issue only affected Ubuntu
16.04 LTS. (CVE-2017-7537)

It was discovered that Dogtag PKI did not properly sanitize user
input. An attacker could possibly use this issue to perform cross site
scripting and obtain sensitive information. This issue only affected
Ubuntu 22.04 LTS. (CVE-2020-25715)

It was discovered that the XML parser did not properly handle entity
expansion. A remote attacker could potentially retrieve the content of
arbitrary files by sending specially crafted HTTP requests. This issue
only affected Ubuntu 16.04 LTS. (CVE-2022-2414)

Read More

ZDI-24-1655: Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-11156.

Read More

ZDI-24-1654: Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-11156.

Read More