Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-05-2024-1 iOS 17.4 and iPadOS 17.4

iOS 17.4 and iPadOS 17.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214081.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Additional CVE entries coming soon.

Accessibility
Available for: iPhone XS and later, iPad Pro…

Read More

Posted by malvuln on Mar 13

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/6268df4c9c805c90725dde4fe5ef6fea.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Beastdoor.oq
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 1332, makes outbound
connections to SMTP port 25 and executes a PE file named svchost.exe
dropped in…

Read More

Posted by lixts via Fulldisclosure on Mar 13

StimulusReflex CVE-2024-28121

Arbitrary code execution in StimulusReflex. This affects version 3.5.0 up to and including 3.5.0.rc2 and v3.5.0.pre10.

## Vulnerable code excerpt

stimulus_reflex/lib/stimulus_reflex/reflex.rb
“`
# Invoke the reflex action specified by `name` and run all callbacks
def process(name, *args)
run_callbacks(:process) { public_send(name, *args) }
end
“`

stimulus_reflex/app/channels/stimulus_reflex/channel.rb…

Read More

Posted by Valentin Lobstein via Fulldisclosure on Mar 13

CVE ID: CVE-2024-25228

Title: Authenticated Command Injection Vulnerability in ManoeuvreHandler.class.php of Vinchin Backup & Recovery
Versions 7.2 and Earlier

Description:
A critical security vulnerability has been discovered in the `getVerifydiyResult` function within the
`ManoeuvreHandler.class.php` file of Vinchin Backup & Recovery software, affecting versions 7.2 and earlier. This
function, intended for validating IP addresses…

Read More

FEDORA-EPEL-2024-0e36aae9a6

Packages in this update:

apptainer-1.3.0-1.el9

Update description:

Update to upstream 1.3.0, and security fixes for CVE-2024-28176 and CVE-2024-28180

Read More

FEDORA-2024-560a7aca85

Packages in this update:

apptainer-1.3.0-1.fc40

Update description:

Update to upstream 1.3.0, and security fixes for CVE-2024-28176 and CVE-2024-28180

Read More

FEDORA-EPEL-2024-d7cc38dee9

Packages in this update:

apptainer-1.3.0-1.el8

Update description:

Update to upstream 1.3.0, and security fixes for CVE-2024-28176 and CVE-2024-28180

Read More

FEDORA-2024-453ee0b3b9

Packages in this update:

apptainer-1.3.0-1.fc39

Update description:

Update to upstream 1.3.0, and security fixes for CVE-2024-28176 and CVE-2024-28180

Read More

FEDORA-EPEL-2024-88b6d1940a

Packages in this update:

apptainer-1.3.0-1.el7

Update description:

Update to upstream 1.3.0, and security fixes for CVE-2024-28176 and CVE-2024-28180

Read More

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the
Linux kernel did not properly handle certain error conditions during device
registration. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2023-22995)

It was discovered that a race condition existed in the Cypress touchscreen
driver in the Linux kernel during device removal, leading to a use-after-
free vulnerability. A physically proximate attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4134)

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel did not properly handle certain memory allocation failure
conditions, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-46343)

It was discovered that the io_uring subsystem in the Linux kernel contained
a race condition, leading to a null pointer dereference vulnerability. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-46862)

It was discovered that a race condition existed in the Bluetooth subsystem
of the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-51779)

It was discovered that a race condition existed in the Rose X.25 protocol
implementation in the Linux kernel, leading to a use-after- free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51782)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel
did not properly handle connect command payloads in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to expose sensitive information (kernel memory). (CVE-2023-6121)

It was discovered that the VirtIO subsystem in the Linux kernel did not
properly initialize memory in some situations. A local attacker could use
this to possibly expose sensitive information (kernel memory).
(CVE-2024-0340)

Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)

Read More