Medium: fdupes

Issue Overview: In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink. CVE-2022-48682 Affected Packages: fdupes Note: This advisory is applicable to Amazon Linux 2 - Mate-desktop1.x Extra. Visit this page to learn more about Amazon Linux 2 AL2...

Important: amazon-cloudwatch-agent

Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In...

Medium: microcode_ctl

Issue Overview: Insufficient control flow management for some IntelR Xeon Processors may allow an authenticated user to potentially enable denial of service via local access. CVE-2024-22374 Affected Packages: microcodectl Issue Correction: Run dnf update microcodectl --releasever 2023.5.20240903 ...

Medium: docker

Issue Overview: The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 Affected Packages: docker Issue Correction: Run dnf update docker...

Medium: nginx

Issue Overview: NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and...

Medium: runc

Issue Overview: The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 Affected Packages: runc Note: This advisory is applicable to Amazon Linu...

Medium: docker

Issue Overview: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorizatio...

Medium: docker

Issue Overview: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorizatio...

Important: docker

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

Important: docker

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

Medium: runc

Issue Overview: The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 Affected Packages: runc Note: This advisory is applicable to Amazon Linu...

Important: docker

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

Important: docker

Issue Overview: When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorizatio...

Important: kernel-livepatch-5.10.219-208.866

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free CVE-2022-48666 kernel: virtio-net: tap: mlx5core short frame denial of service CVE-2024-41090 kernel: virtio-net: tun: mlx5core short frame denial of service CVE-2024-41091 Affecte...

Medium: oci-add-hooks

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

Important: kernel-livepatch-5.10.220-209.867

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free CVE-2022-48666 kernel: virtio-net: tap: mlx5core short frame denial of service CVE-2024-41090 kernel: virtio-net: tun: mlx5core short frame denial of service CVE-2024-41091 Affecte...

Important: kernel-livepatch-5.10.217-205.860

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free CVE-2022-48666 kernel: virtio-net: tap: mlx5core short frame denial of service CVE-2024-41090 kernel: virtio-net: tun: mlx5core short frame denial of service CVE-2024-41091 Affecte...

Important: kernel-livepatch-5.10.218-208.862

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free CVE-2022-48666 kernel: virtio-net: tap: mlx5core short frame denial of service CVE-2024-41090 kernel: virtio-net: tun: mlx5core short frame denial of service CVE-2024-41091 Affecte...

Important: kernel-livepatch-4.14.345-262.561

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete CVE-2024-39480 Affected Packages: kernel-livepatch-4.14.345-262.561 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Important: kernel-livepatch-5.10.220-209.869

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free CVE-2022-48666 kernel: virtio-net: tap: mlx5core short frame denial of service CVE-2024-41090 kernel: virtio-net: tun: mlx5core short frame denial of service CVE-2024-41091 Affecte...

Important: kernel-livepatch-4.14.348-265.562

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete CVE-2024-39480 Affected Packages: kernel-livepatch-4.14.348-265.562 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Medium: firefox

Issue Overview: There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Register VF in netvscprobe if NETDEVICEREGISTER missed CVE-2024-26820 In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of...

Important: kernel-livepatch-5.10.218-206.860

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free CVE-2022-48666 kernel: virtio-net: tap: mlx5core short frame denial of service CVE-2024-41090 kernel: virtio-net: tun: mlx5core short frame denial of service CVE-2024-41091 Affecte...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized CVE-2024-38619 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fully validate NFTDATAVALUE on store to data...

Medium: oci-add-hooks

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

Important: kernel-livepatch-4.14.345-262.561

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftexprtypeget CVE-2024-27020 Affected Packages: kernel-livepatch-4.14.345-262.561 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Important: kernel-livepatch-4.14.344-262.563

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftexprtypeget CVE-2024-27020 Affected Packages: kernel-livepatch-4.14.344-262.563 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Important: qemu

Issue Overview: QEMU: sdhci: heap buffer overflow in sdhciwritedataport CVE-2024-3447 A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img process on the host to...

Important: bind

Issue Overview: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This...

Important: linux-firmware

Issue Overview: Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. CVE-2023-31315 Affected Packages: linux-firmware Note: This advisory is...

Important: bind

Issue Overview: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This...

Medium: kernel

Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...

Low: cups

Issue Overview: A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with...

Medium: kernel

Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...

Important: webkitgtk4

Issue Overview: A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an...

Medium: apache-commons-compress

Issue Overview: When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package...

Important: linux-firmware

Issue Overview: Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. CVE-2023-31315 Affected Packages: linux-firmware Note: This advisory is...

Medium: apache-commons-compress

Issue Overview: When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package...

Low: cups

Issue Overview: A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with...

Important: qemu

Issue Overview: QEMU: sdhci: heap buffer overflow in sdhciwritedataport CVE-2024-3447 A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img process on the host to...

Important: webkitgtk4

Issue Overview: A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an...

Important: linux-firmware

Issue Overview: Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. CVE-2023-31315 Affected Packages: linux-firmware Issue Correction: Run dnf...

Medium: p7zip

Issue Overview: The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 for 7zz contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512i-2, for i=9, i=10, i=11, etc. CVE-2023-52168 The NtfsHandler.cpp NTF...

Important: postgresql15

Issue Overview: Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack...

Medium: p7zip

Issue Overview: The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 for 7zz contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512i-2, for i=9, i=10, i=11, etc. CVE-2023-52168 The NtfsHandler.cpp NTF...

Medium: ruby3.2

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory address read vulnerability with Regex search CVE-2024-27282 Affected Packages: ruby3.2 Issue Correction: Run dnf update ruby3.2 --releasever 2023.5.20240819 or dnf update --advisory...

Important: linux-firmware

Issue Overview: Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. CVE-2023-31315 Affected Packages: linux-firmware Issue Correction: Run dnf...