Category Archives: Advisories

[Full Disclosure] CVE-2024-22903: Unpatched Command Injection in Vinchin Backup & Recovery Versions 7.2 and Earlier

Posted by Valentin Lobstein via Fulldisclosure on Jan 26

CVE ID: CVE-2024-22903

Title: Command Injection Vulnerability in SystemHandler.class.php of Vinchin Backup & Recovery Versions 7.2 and Earlier

Description:
A significant security vulnerability, CVE-2024-22903, has been identified in the `deleteUpdateAPK` function within the
`SystemHandler.class.php` file of Vinchin Backup & Recovery software, affecting versions 7.2 and earlier. This
function, designed to delete APK files, is prone to…

[Full Disclosure] CVE-2024-22902: Default Root Credentials in Vinchin Backup & Recovery v7.2 and Earlier

Posted by Valentin Lobstein via Fulldisclosure on Jan 26

CVE ID: CVE-2024-22902

Title: Default Root Credentials Vulnerability in Vinchin Backup & Recovery v7.2

Suggested Description:
Vinchin Backup & Recovery version 7.2 has been identified as being configured with default root credentials, posing a
significant security vulnerability.

Additional Information:
There is no documentation or guidance from Vinchin on changing the root password for this version. The use of password
authentication…

[Full Disclosure] CVE-2024-22899: Unpatched Command Injection in Vinchin Backup and Recovery Versions 7.2 and Earlier

Posted by Valentin Lobstein via Fulldisclosure on Jan 26

CVE ID: CVE-2024-22899

Title: Command Injection Vulnerability in Vinchin Backup and Recovery’s syncNtpTime Function in Versions 7.2 and Earlier

Description:
A critical security vulnerability, identified as CVE-2024-22899, has been discovered in the `syncNtpTime` function of
Vinchin Backup and Recovery software. This issue affects versions 7.2 and earlier. The function, part of the
`SystemHandler.class.php` file, is designed for…

[Full Disclosure] CVE-2024-22900: Unpatched Command Injection in Vinchin Backup and Recovery Versions 7.2 and Earlier

Posted by Balgogan via Fulldisclosure on Jan 26

CVE ID: CVE-2024-22900

Title: Command Injection Vulnerability in Vinchin Backup and Recovery Versions 7.2 and Earlier

Description:
A critical security vulnerability, identified as CVE-2024-22900, has been discovered in Vinchin Backup and Recovery
software, affecting versions 7.2 and earlier. The vulnerability is present in the `setNetworkCardInfo` function, which
is intended to update network card information.

Details:
1. The function…

[SBA-ADV-20200707-02] CVE-2020-36772: CloudLinux CageFS 7.0.8-2 or below Insufficiently Restricted Proxy Command

Posted by SBA – Advisory via Fulldisclosure on Jan 26

# CloudLinux CageFS Insufficiently Restricted Proxy Command #

Link:
https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02_CloudLinux_CageFS_Insufficiently_Restricted_Proxy_Commands

## Vulnerability Overview ##

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths
supplied to the `sendmail` proxy command. This allows local users to read
and write arbitrary files of certain file formats outside the…

[SBA-ADV-20200707-01] CVE-2020-36771: CloudLinux CageFS 7.1.1-1 or below Token Disclosure

Posted by SBA – Advisory via Fulldisclosure on Jan 26

# CloudLinux CageFS Token Disclosure #

Link: https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-01_CloudLinux_CageFS_Token_Disclosure

## Vulnerability Overview ##

CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a
command line argument. In some configurations this allows local users to
view the authentication token via the process list and gain code execution
as another user.

* **Identifier**…

firecracker-1.6.0-4.fc40 libkrun-1.7.2-2.fc40 rust-event-manager-0.4.0-1.fc40 rust-kvm-bindings-0.7.0-1.fc40 rust-kvm-ioctls-0.16.0-1.fc40 rust-linux-loader-0.10.0-2.fc40 rust-userfaultfd-0.8.1-1.fc40 rust-versionize-0.2.0-1.fc40 rust-vhost-0.10.0-1.fc40 rust-vhost-user-backend-0.13.1-1.fc40 rust-virtio-queue-0.11.0-1.fc40 rust-vm-memory-0.14.0-1.fc40 rust-vm-superio-0.7.0-3.fc40 rust-vmm-sys-util-0.12.1-1.fc40 virtiofsd-1.10.0-1.fc40

FEDORA-2024-9974808629

Packages in this update:

firecracker-1.6.0-4.fc40
libkrun-1.7.2-2.fc40
rust-event-manager-0.4.0-1.fc40
rust-kvm-bindings-0.7.0-1.fc40
rust-kvm-ioctls-0.16.0-1.fc40
rust-linux-loader-0.10.0-2.fc40
rust-userfaultfd-0.8.1-1.fc40
rust-versionize-0.2.0-1.fc40
rust-vhost-0.10.0-1.fc40
rust-vhost-user-backend-0.13.1-1.fc40
rust-virtio-queue-0.11.0-1.fc40
rust-vm-memory-0.14.0-1.fc40
rust-vmm-sys-util-0.12.1-1.fc40
rust-vm-superio-0.7.0-3.fc40
virtiofsd-1.10.0-1.fc40

Update description:

Update rust-vmm components and their consumers to address CVE-2023-50711

USN-6609-1: Linux kernel vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not
properly validate network family support while creating a new netfilter
table. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6040)

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate the server frame size in certain
situations, leading to an out-of-bounds read vulnerability. An attacker
could use this to construct a malicious CIFS image that, when operated on,
could cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-6606)

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did
not properly handle inactive elements in its PIPAPO data structure, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-6817)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf
subsystem in the Linux kernel did not properly validate all event sizes
when attaching new events, leading to an out-of-bounds write vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly check deactivated elements in certain situations, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-0193)

USN-6608-1: Linux kernel vulnerabilities

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate the server frame size in certain
situations, leading to an out-of-bounds read vulnerability. An attacker
could use this to construct a malicious CIFS image that, when operated on,
could cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-6606)

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did
not properly handle inactive elements in its PIPAPO data structure, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-6817)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf
subsystem in the Linux kernel did not properly validate all event sizes
when attaching new events, leading to an out-of-bounds write vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly check deactivated elements in certain situations, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-0193)

USN-6607-1: Linux kernel (Azure) vulnerabilities

It was discovered that the SMB network file sharing protocol implementation
in the Linux kernel did not properly handle certain error conditions,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-5345)

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not
properly validate network family support while creating a new netfilter
table. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6040)

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate the server frame size in certain
situations, leading to an out-of-bounds read vulnerability. An attacker
could use this to construct a malicious CIFS image that, when operated on,
could cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-6606)

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did
not properly handle inactive elements in its PIPAPO data structure, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-6817)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf
subsystem in the Linux kernel did not properly validate all event sizes
when attaching new events, leading to an out-of-bounds write vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly check deactivated elements in certain situations, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-0193)
