A vulnerability has been discovered in SolarWinds Access Rights Manager that could allow for privilege escalation. Successful exploitation of this vulnerability could allow for privilege escalation in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Category Archives: Advisories
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
USN-6766-2: Linux kernel vulnerabilities
It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)
Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)
Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– PowerPC architecture;
– S390 architecture;
– Core kernel;
– Block layer subsystem;
– Android drivers;
– Power management core;
– Bus devices;
– Hardware random number generator core;
– Cryptographic API;
– Device frequency;
– DMA engine subsystem;
– ARM SCMI message protocol;
– GPU drivers;
– HID subsystem;
– Hardware monitoring drivers;
– I2C subsystem;
– IIO ADC drivers;
– IIO subsystem;
– IIO Magnetometer sensors drivers;
– InfiniBand drivers;
– Media drivers;
– Network drivers;
– PCI driver for MicroSemi Switchtec;
– PHY drivers;
– SCSI drivers;
– DesignWare USB3 driver;
– BTRFS file system;
– Ceph distributed file system;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– NILFS2 file system;
– NTFS3 file system;
– Pstore file system;
– SMB network file system;
– Memory management;
– CAN network layer;
– Networking core;
– HSR network protocol;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– Multipath TCP;
– Netfilter;
– NFC subsystem;
– SMC sockets;
– Sun RPC protocol;
– TIPC protocol;
– Unix domain sockets;
– Realtek audio codecs;
(CVE-2023-52594, CVE-2023-52601, CVE-2024-26826, CVE-2023-52622,
CVE-2024-26665, CVE-2023-52493, CVE-2023-52633, CVE-2024-26684,
CVE-2024-26663, CVE-2023-52618, CVE-2023-52588, CVE-2023-52637,
CVE-2024-26825, CVE-2023-52606, CVE-2024-26594, CVE-2024-26625,
CVE-2024-26720, CVE-2024-26614, CVE-2023-52627, CVE-2023-52602,
CVE-2024-26673, CVE-2024-26685, CVE-2023-52638, CVE-2023-52498,
CVE-2023-52619, CVE-2024-26910, CVE-2024-26689, CVE-2023-52583,
CVE-2024-26676, CVE-2024-26671, CVE-2024-26704, CVE-2024-26608,
CVE-2024-26610, CVE-2024-26592, CVE-2023-52599, CVE-2023-52595,
CVE-2024-26660, CVE-2023-52617, CVE-2024-26645, CVE-2023-52486,
CVE-2023-52631, CVE-2023-52607, CVE-2023-52608, CVE-2024-26722,
CVE-2024-26615, CVE-2023-52615, CVE-2024-26636, CVE-2023-52642,
CVE-2023-52587, CVE-2024-26712, CVE-2024-26675, CVE-2023-52614,
CVE-2024-26606, CVE-2024-26916, CVE-2024-26600, CVE-2024-26679,
CVE-2024-26829, CVE-2024-26641, CVE-2023-52623, CVE-2024-26627,
CVE-2024-26696, CVE-2024-26640, CVE-2024-26635, CVE-2023-52491,
CVE-2024-26664, CVE-2024-26602, CVE-2023-52604, CVE-2024-26717,
CVE-2023-52643, CVE-2024-26593, CVE-2023-52598, CVE-2024-26668,
CVE-2023-52435, CVE-2023-52597, CVE-2024-26715, CVE-2024-26707,
CVE-2023-52635, CVE-2024-26695, CVE-2024-26698, CVE-2023-52494,
CVE-2024-26920, CVE-2024-26808, CVE-2023-52616, CVE-2023-52492,
CVE-2024-26702, CVE-2024-26644, CVE-2023-52489, CVE-2024-26697)
git-2.45.1-1.fc39
FEDORA-2024-4c06645f07
Packages in this update:
git-2.45.1-1.fc39
Update description:
update to 2.45.1
git-2.45.1-1.fc40
FEDORA-2024-ecba8476e2
Packages in this update:
git-2.45.1-1.fc40
Update description:
update to 2.45.1
ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-4044.
ZDI-24-455: SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 9.9. The following CVEs are assigned: CVE-2024-28075.
ZDI-24-454: SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.6. The following CVEs are assigned: CVE-2024-23473.
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Products, the most severe of which could allow for arbitrary code execution.
Mozilla Firefox is a web browser used to access the Internet.
Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.
Mozilla Thunderbird is an email client.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Multiple Vulnerabilities in Siemens Ruggedcom Crossbow Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Siemens Ruggedcom Crossbow, the most severe of which could allow for arbitrary code execution. Siemens Ruggedcom Crossbow Access Management solution designed to provide cybersecurity compliance for industrial control systems. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.