This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2024-8358.
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2024-8359.
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2024-8360.
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2024-4558
An anonymous researcher discovered that processing maliciously
crafted web content may lead to an unexpected process crash.
CVE-2024-40776
Huang Xilin discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2024-40779
Huang Xilin discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2024-40780
Huang Xilin dicovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2024-40782
Maksymilian Motyl discovered that processing maliciously crafted
web content may lead to an unexpected process crash.
CVE-2024-40785
Johan Carlsson discovered that processing maliciously crafted web
content may lead to a cross site scripting attack.
CVE-2024-40789
Seunghyun Lee discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2024-40794
Matthew Butler discovered that private Browsing tabs may be
accessed without authentication.
William Khem-Marquez discovered that Pymatgen, a Python library for
materials analysis, could be tricked into running arbitrary code if a
malformed CIF file is processed.
North Korean groups exploited npm packages in coordinated attacks, targeting developers and cryptocurrency wallet browser extensions
The “long lost lecture” by Adm. Grace Hopper has been published by the NSA. (Note that there are two parts.)
It’s a wonderful talk: funny, engaging, wise, prescient. Remember that talk was given in 1982, less than a year before the ARPANET switched to TCP/IP and the internet went operational. She was a remarkable person.
Listening to it, and thinking about the audience of NSA engineers, I wonder how much of what she’s talking about as the future of computing—miniaturization, parallelization—was being done in the present and in secret.
microcode_ctl-2.1-64.fc41
Update to upstream 2.1-44. 20240813
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003605 up to 0x5003707;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002802 up to 0x7002904;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003d1 up to 0xd0003e7;
Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000290 up to 0x10002b0;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc4 up to 0xc6;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision 0xb6 up to 0xb8;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x36 up to 0x38;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x50 up to 0x52;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode from revision 0xfa up to 0xfc;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x19 up to 0x1a;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf6 up to 0xf8;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xf4 up to 0xf6;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision 0xf6 up to 0xf8;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0xfc up to 0x100;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xfa up to 0xfc;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xfa up to 0xfc;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xfa up to 0xfc;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xfa up to 0xfe;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision 0xfa up to 0xfc;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5e up to 0x62;
Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1c up to 0x1e.
Addresses CVE-2024-24853, CVE-2024-24980, CVE-2024-25939
microcode_ctl-2.1-61.2.fc40
Update to upstream 2.1-44. 20240813
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003605 up to 0x5003707;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002802 up to 0x7002904;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003d1 up to 0xd0003e7;
Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000290 up to 0x10002b0;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc4 up to 0xc6;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision 0xb6 up to 0xb8;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x36 up to 0x38;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x50 up to 0x52;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode from revision 0xfa up to 0xfc;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x19 up to 0x1a;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf6 up to 0xf8;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xf4 up to 0xf6;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision 0xf6 up to 0xf8;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0xfc up to 0x100;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xfa up to 0xfc;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xfa up to 0xfc;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xfa up to 0xfc;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xfa up to 0xfe;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision 0xfa up to 0xfc;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5e up to 0x62;
Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1c up to 0x1e.
Addresses CVE-2024-24853, CVE-2024-24980, CVE-2024-25939
microcode_ctl-2.1-58.2.fc39
Update to upstream 2.1-44. 20240813
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003605 up to 0x5003707;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002802 up to 0x7002904;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003d1 up to 0xd0003e7;
Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000290 up to 0x10002b0;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc4 up to 0xc6;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision 0xb6 up to 0xb8;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x36 up to 0x38;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x50 up to 0x52;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xf4 up to 0xf6;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode from revision 0xfa up to 0xfc;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x19 up to 0x1a;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf6 up to 0xf8;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xf4 up to 0xf6;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision 0xf6 up to 0xf8;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0xfc up to 0x100;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xfa up to 0xfc;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xfa up to 0xfc;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xfa up to 0xfc;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xfa up to 0xfe;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision 0xfa up to 0xfc;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5e up to 0x62;
Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1c up to 0x1e.
Addresses CVE-2024-24853, CVE-2024-24980, CVE-2024-25939
