sos bug fix and enhancement update
An update is available for sos. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The sos package contains a set of utilities that gather information from system...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial (CVE-2024-26900). In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947). In the Linux kernel, the following...
BIT-HUBBLE-RELAY-2024-37307 Cilium leaks sensitive information in cilium-bugtool
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...
CVE-2021-47598
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init(). qdiscs are not supposed to call their own destroy method from init, because core stack already does that. syzbot was able to trigger use after free: DEBUG_LOCKS_WARN_ON(lock->magic != loc...
CVE-2024-38605
In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init. The commit 81033c6b584b ("ALSA: core: Warn on empty module") introduced a WARN_ON() for a NULL module pointer passed at snd_card object creation, and it also wraps the code...
CVE-2024-38576
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in print_cpu_stall_info(). The rcuc-starvation output from print_cpu_stall_info() might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers...
CVE-2024-38614 openrisc: traps: Don't send signals to kernel mode threads
In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads. OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions (for debugging) among others. There is a bug where the trap...
CVE-2024-38576 rcu: Fix buffer overflow in print_cpu_stall_info()
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in print_cpu_stall_info(). The rcuc-starvation output from print_cpu_stall_info() might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers...
Exploit for Special Element Injection in Google Android
CVE 2024 0044 CVE-2024-0044, identified in the createSessionI...
Unauthorized Access
SilverStripe is vulnerable to Unauthorized Access. The vulnerability is due to failure to restrict access via the URL parameters isDev and isTest with debugging tools intended only for development "dev mode", which allows unauthenticated users to expose sensitive debugging information typically...
OPENSUSE-SU-2024:10128-1 kernel-debug-4.8.13-1.1 on GA media
These are all security issues fixed in the kernel-debug-4.8.13-1.1 package on the GA media of openSUSE Tumbleweed...
Mattermost Desktop App Security Vulnerability
Mattermost Desktop App is a messaging desktop application from Mattermost USA. A security vulnerability exists in Mattermost Desktop App version 5.7.0 and earlier, which stems from an inability to disable certain Electron debugging flags, which allows bypassing TCC restrictions...
CVE-2024-32912
there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-37307 Cilium leaks sensitive information in cilium-bugtool
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...
PT-2024-36843 · WordPress · Cf7 Google Sheets Connector
Name of the Vulnerable Software and Affected Versions: CF7 Google Sheets Connector plugin for WordPress versions up to, and including, 5.0.9 Description: The issue is related to a missing capability check on the execute post data cg7 free function, allowing unauthenticated attackers to modify dat...
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations
The Zend\Db component in Zend Framework 2 provides platform abstraction, which is used in particular for SQL abstraction. Two methods defined in the platform interface, quoteValue and quoteValueList, allow users to manually quote values for creating SQL statements; these are in turn consumed by...
GHSA-X2F4-8WXF-W3VF ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations
The Zend\Db component in Zend Framework 2 provides platform abstraction, which is used in particular for SQL abstraction. Two methods defined in the platform interface, quoteValue and quoteValueList, allow users to manually quote values for creating SQL statements; these are in turn consumed by...
Debugging Backups with Longhorn CSI
Challenge: A Veeam Kasten for Kubernetes backup job using Longhorn CSI drivers never completes, even after proper installation of the CSI snapshotter components and controllers. No errors are generally noticed for this issue. The job waits for the volumesnapshot object in...