Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-0741,
CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0747,
CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753,
CVE-2024-0754, CVE-2024-0755)
Cornel Ionce discovered that Firefox did not properly manage memory when
opening the print preview dialog. An attacker could potentially exploit
this issue to cause a denial of service. (CVE-2024-0746)
It was discovered that Exim incorrectly handled certain requests.
A remote attacker could possibly use a published exploitation technique
to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass
of an SPF protection mechanism.
Multiple security issues were discovered in Redis, a persistent
key-value database, which could result in the execution of arbitrary
code or ACL bypass.
Several vulnerabilities were discovered in the Slurm Workload Manager, a
cluster resource management and job scheduling system, which may result
in privilege escalation, denial of service, bypass of message hash
checks or opening files with an incorrect set of extended groups.
More specifically, this issue is an out-of-bounds read.
AFAICT the issue was actually introduced in Graphviz 2.36. It was fixed
in commit a95f977f5d809915ec4b14836d2b5b7f5e74881e (essentially
reverting cf95714837f06f684929b54659523c2c9b1fc19f that introduced the
issue), but there has been no release yet since then. The next release
will be 10.0.0. So affected versions would be [2.36, 10.0.0).
In regards to your recent FD posts, are you requesting CVEs based on the
presence of strings in commit messages such as “null pointer dereference”?
Are you reaching out to each upstream project before assigning a CVE? Do
you believe that every null pointer bug is a vulnerability? What impact
are you hoping to achieve?
In your recent mass posts to FD, are you reporting vulnerabilities or
bug reports which have words like “segfault” in the title? What benefit
do you see this having? Have you spoken to each upstream project before
requesting a CVE be assigned?
I will be asking that this CVE be withdrawn on behalf of the X.Org security team.
While it is a low-priority bug, we did not see any security exposure
when this bug was first brought to our attention because there is no
way for an attacker to change the contents of the lisp.lsp file or to
cause a *.lsp file to be loaded for another user.
The bug report states “replace /usr/local/lib/X11/xedit/lisp/lisp.lsp with
the attached version,”…
