USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides
the corresponding update for Ubuntu 24.04 LTS.
Original advisory details:
Charles Fol discovered that the GNU C Library iconv feature incorrectly
handled certain input sequences. An attacker could use this issue to cause
the GNU C Library to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Ingo Brückl discovered that cpio contained a path traversal vulnerability.
If a user or automated system were tricked into extracting a specially
crafted cpio archive, an attacker could possibly use this issue to write
arbitrary files outside the target directory on the host, even if using the
option –no-absolute-filenames.
It was discovered that less mishandled newline characters in file names. If
a user or automated system were tricked into opening specially crafted
files, an attacker could possibly use this issue to execute arbitrary
commands on the host.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. User interaction is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2023-51633.
tpm2-tools-5.7-1.fc40
tpm2-tss-4.1.0-1.fc40
tpm2-tss:
Fixed CVE-2024-29040
tpm2-tools:
Fixed CVE-2024-29038
Fixed CVE-2024-29039
tpm2-tools-5.5.1-1.fc39
tpm2-tss-4.0.2-1.fc39
tpm2-tss:
Fixed CVE-2024-29040
tpm2-tools:
Fixed CVE-2024-29038
Fixed CVE-2024-29039
tpm2-tools-5.5.1-1.fc38
tpm2-tss-4.0.2-1.fc38
tpm2-tss:
Fixed CVE-2024-29040
tpm2-tools:
Fixed CVE-2024-29038
Fixed CVE-2024-29039
webkit2gtk4.0-2.44.1-1.fc40
Update to 2.44.1
kernel-6.8.8-200.fc39
The 6.8.8 stable kernel update contains a number of important fixes across the tree.
kernel-6.8.8-100.fc38
The 6.8.8 stable kernel update contains a number of important fixes across the tree.
