
14823 matches found

Arista
added 2024/06/25 12:0 a.m., 44 views

Security Advisory 0098

Security Advisory 0098 . CSAF PDF Date: June 25, 2024 Revision | Date | Changes ---|---|--- 1.0 | June 25, 2024 | Initial release The CVE-ID tracking this issue: CVE-2024-4578 CVSSv3.1 Base Score: 8.4 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Common Weakness Enumeration: CWE-77 Improper...

CVSS 8.4, AI score 6.7, EPSS 0.00491
Exploits 0

Talos
added 2024/06/25 12:0 a.m., 41 views

Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability

Talos Vulnerability Report TALOS-2024-1947 Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability June 25, 2024 CVE Number CVE-2024-21827 SUMMARY A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN...

CVSS 7.2, AI score 7.2, EPSS 0.00871
Exploits 1

Securelist
added 2024/06/24 10:0 a.m., 17 views

XZ backdoor: Hook analysis

Part 1: XZ backdoor story – Initial analysis Part 2: Assessing the Y, and How, of the XZ Utils incident social engineering Part 3: XZ backdoor. Hook analysis In our first article on the XZ backdoor, we analyzed its code from initial infection to the function hooking it performs. As we mentioned...

AI score 8.6
Exploits 0

SUSE CVE
added 2024/06/21 3:6 a.m., 3 views

SUSE CVE-2024-38547

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fix a null-pointer dereference in loadvideobinaries The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed with a dereference of mycs-yuvscalerbinary after the following call chain...

CVSS 4.4, AI score 6.1, EPSS 0.00256
Exploits 0, References 13

NVD
added 2024/06/20 11:15 p.m., 11 views

CVE-2024-32943

An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly...

CVSS 8.7, EPSS 0.00478
Exploits 0, References 1

CVE
added 2024/06/20 10:12 p.m., 55 views

CVE-2024-32943

Westermo L210-F2G Lynx (CVE-2024-32943) is affected by an improper control of interaction frequency vulnerability that can cause a denial-of-service by sending many SSH packets repeatedly. The incident is documented across multiple sources as impacting the Westermo L210-F2G Lynx, with the Red Hat...

CVSS 8.7, AI score 7.4, EPSS 0.00478
Exploits 0, References 1, Affected Software 1

Cvelist
added 2024/06/20 10:12 p.m., 19 views

CVE-2024-32943 Westermo L210-F2G Lynx Improper Control of Interaction Frequency

An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly...

CVSS 8.7, EPSS 0.00478
Exploits 0, References 1

Vulnrichment
added 2024/06/20 10:12 p.m., 21 views

CVE-2024-32943 Westermo L210-F2G Lynx Improper Control of Interaction Frequency

An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly...

CVSS 8.7, AI score 6.7, EPSS 0.00478
Exploits 0, References 1

Positive Technologies
added 2024/06/20 12:0 a.m., 4 views

PT-2024-4333 · Westermo · Westermo L210-F2G Lynx

Name of the Vulnerable Software and Affected Versions: Westermo L210-F2G Lynx affected versions not specified Description: The issue is related to insufficient control over interaction frequency, allowing a remote attacker to cause a denial-of-service condition by sending many SSH packets...

CVSS 8.7, AI score 6.2, EPSS 0.00478
Exploits 0, References 8

OpenVAS
added 2024/06/20 12:0 a.m., 6 views

PostgreSQL Detection Consolidation

Consolidation of PostgreSQL detections. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.128025";...

AI score 7.3
Exploits 0, References 1

RedHat Linux
added 2024/06/19 3:4 p.m., 39 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.30 packages and security update

Red Hat OpenShift Container Platform release 4.14.30 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

CVSS 5.9, AI score 7, EPSS 0.93305
Exploits 4, References 2

OSV
added 2024/06/19 2:15 p.m., 0 views

UBUNTU-CVE-2024-38547

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fix a null-pointer dereference in loadvideobinaries The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed with a dereference of mycs-yuvscalerbinary after the following call chain...

CVSS 5.5, AI score 6, EPSS 0.00256
Exploits 0, References 21

Tenable Nessus
added 2024/06/19 12:0 a.m., 24 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.30 (RHSA-2024:3918)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3918 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

CVSS 5.9, AI score 7.1, EPSS 0.93305
Exploits 4, References 5

The Hacker News
added 2024/06/18 9:41 a.m., 33 views

New Malware Targets Exposed Docker APIs for Cryptocurrency Mining

Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docker API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included among the tools deployed is a remote access tool that's capable of downloading and executing more...

AI score 7.8
Exploits 0

Citrix
added 2024/06/18 12:0 a.m., 6 views

SSH communication between Netscaler Console nodes and/or Netscaler/Netscaler-SDX instance(s) fails

After upgrading Netscaler Console aka. ADM from earlier versions to either 13.1-53.17 or 53.22 refresh build or 14.1-25.53, certain tasks like re-creating HA deployment, Netscaler backup, or other tasks involving SSH connection may fail and manifest in error popup or log entries in...

AI score 7.1
Exploits 0

OSV
added 2024/06/17 10:30 p.m., 18 views

GHSA-6GR4-52W6-VMQX rke's credentials are stored in the RKE1 Cluster state ConfigMap

Impact When RKE provisions a cluster, it stores the cluster state in a configmap called full-cluster-state inside the kube-system namespace of the cluster itself. This cluster state object contains information used to set up the K8s cluster, which may include the following sensitive data: -...

CVSS 9.9, AI score 9.1, EPSS 0.00641
Exploits 0, References 6

Positive Technologies
added 2024/06/16 12:0 a.m., 3 views

PT-2024-4208 · Rancher · Rancher Kubernetes Engine +1

Name of the Vulnerable Software and Affected Versions: Rancher Kubernetes Engine RKE versions prior to 1.4.19 Rancher Kubernetes Engine RKE versions prior to 1.5.10 Rancher versions prior to 2.7.14 Rancher versions prior to 2.8.5 Description: The issue is related to the storage of cluster state i...

CVSS 10, AI score 7, EPSS 0.00641
Exploits 0, References 21

OSV
added 2024/06/15 12:0 a.m., 22 views

OPENSUSE-SU-2024:11407-1 ssh-audit-2.5.0-1.2 on GA media

These are all security issues fixed in the ssh-audit-2.5.0-1.2 package on the GA media of openSUSE Tumbleweed...

CVSS 5.9, AI score 6.1, EPSS 0.98631
Exploits 23, References 1

OSV
added 2024/06/15 12:0 a.m., 17 views

OPENSUSE-SU-2024:13932-1 ssh-audit-3.2.0-1.1 on GA media

These are all security issues fixed in the ssh-audit-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5, AI score 7.6, EPSS 0.23061
Exploits 1, References 1

OSV
added 2024/06/15 12:0 a.m., 1 view

OPENSUSE-SU-2024:10464-1 pam_ssh-2.1-1.7 on GA media

These are all security issues fixed in the pam_ssh-2.1-1.7 package on the GA media of openSUSE Tumbleweed...

CVSS 5, AI score 6.8, EPSS 0.01305
Exploits 0, References 1