Armoury Crate & Aura Creator Installer (ROG Live Service) Security Vulnerabilities

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414) webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852) webkitgtk:...

Moderate: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

webkit2gtk3 security update

An update is available for webkit2gtk3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the....

Moderate: Image builder components bug fix, enhancement and security update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): osbuild-composer: race condition may disable GPG verification for package repositories (CVE-2024-2307) For more details about the security...

Image builder components bug fix, enhancement and security update

An update is available for osbuild, osbuild-composer. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Image Builder is a service for building customized OS...

Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

Moderate: python-dns security update

The python-dns package contains the dnslib module that implements a DNS client and additional modules that define certain symbolic constants used by DNS, such as dnstype, dnsclass and dnsopcode. Security Fix(es): dnspython: denial of service in stub resolver (CVE-2023-29483) For more details...

python-dns security update

An update is available for python-dns. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-dns package contains the dnslib module that implements a DNS...

Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...

tuned bug fix update

An update is available for tuned. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tuned packages provide a service that tunes system settings according to a....

python3 security update

An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,....

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

Important: bind and dhcp security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...

bind and dhcp security update

An update is available for dhcp, bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain (BIND) is an implementation of the...

sssd security update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon (SSSD) service provides a set of daemons to....

Moderate: sssd security update

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end...

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC in go.opentelemetry.io/collector/config/configgrpc

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC in...

Denial Of Service (DoS)

TYPO3 is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper validation of anonymous user sessions in the built-in record registration functionality using recs URL parameters, allowing attackers to create an arbitrary amount of individual session-data records in the...

Denial Of Service (DoS)

github.com/klauspost/compress/zstd is vulnerable to a Denial of service (DoS). The vulnerability is due to its zstd decompression implementation not respecting the limits imposed by gRPC, which allows attacker to trigger rapid and uncontrolled increases in memory usage on the server or...

CVE-2024-5464

Vulnerability of insufficient permission verification in the NearLink module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-5464

Vulnerability of insufficient permission verification in the NearLink module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-36500

Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-36500

Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-5464

Vulnerability of insufficient permission verification in the NearLink module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-36500

Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful exploitation of this vulnerability may affect service...

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful exploitation of this vulnerability may affect service...

Denial Of Service (DoS)

org.elasticsearch: elasticsearch is vulnerable to Denial of Service (DoS). The vulnerability is due to a StackOverflow exception caused by dynamic field mapping of the passthrough type in an index template. An attacker can exploit this vulnerability by ingesting documents under specific conditions....

CVE-2024-35328

A flaw was found in libyaml, where it is vulnerable to a distributed denial of service attack (DDOS). This issue affects the yaml_parser_parse function in the /src/libyaml/src/parser.c. file. Mitigation Mitigation for this issue is either not available or the currently available options don't meet....

CVE-2024-37535

A flaw was found in gnome VTE. This flaw allows an attacker to cause a denial of service via a window resize escape...

CVE-2024-34364

A flaw was found in Envoy's ext_proc and ext_authz functions. This flaw allows a remote, unauthenticated attacker to trigger excessive memory consumption, causing a denial of...

CVE-2024-34363

A flaw was found in Envoy's access log JSON formatter. This flaw allows a remote, unauthenticated attacker to trigger an abnormal process termination, causing a denial of...

CVE-2024-34362

A flaw was found in Envoy's QUIC stack. This flaw allows a remote, unauthenticated attacker to trigger an abnormal process termination, causing a denial of...

CVE-2024-32976

A flaw was found in Envoy's Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of...

CVE-2024-32975

A flaw was found in Envoy's QUIC stack. This flaw allows a remote, unauthenticated attacker to trigger an abnormal process termination, causing a denial of...

CVE-2024-32974

A flaw was found in Envoy's QUIC stack. This flaw allows a remote, unauthenticated attacker to trigger an abnormal process termination, causing a denial of...

CVE-2023-46103

A flaw was found in intel-microcode. The sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra processors that may allow an authenticated user to enable a denial of service via local access. Mitigation Mitigation for this issue is either not available or the...

CVE-2024-24320

Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles...

Rocky Linux 8 : python-dns (RLSA-2024:3275)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:3275 advisory. * dnspython: denial of service in stub resolver (CVE-2023-29483) Tenable has extracted the preceding description block directly from the Rocky Linux security...

Rocky Linux 9 : nodejs (RLSA-2024:2910)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2910 advisory. * nodejs: CONTINUATION frames DoS (CVE-2024-27983) * nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of...

Rocky Linux 8 : idm:DL1 and idm:client (RLSA-2024:3267)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3267 advisory. * JWCrypto: denail of service Via specifically crafted JWE (CVE-2023-6681) * python-jwcrypto: malicious JWE token can cause denial of service...

Rocky Linux 8 : .NET 8.0 (RLSA-2024:3345)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3345 advisory. * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in...

Debian dsa-5710 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5710 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5710-1 [email protected] ...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6821-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-4 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability....

Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:2985)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2985 advisory. * pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897) * python-cryptography: memory corruption via...

ROS-20240614-02

The vulnerability in the Python programming language interpreter is related to errors in the conversion of int and str data types. int and str data types. Exploitation of the vulnerability could allow an attacker to cause a denial of service due to the algorithmic...

Openshift Authentication - Failed to authenticate: oidc: failed to get token: oauth2: cannot fetch token

Theis issue is observed when the token provided while configuring oAuth does not match with the service account...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...