Important: postgresql15

Issue Overview: Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack...

Medium: tpm2-tss

Issue Overview: tpm2-tss: arbitrary quote data may go undetected by FapiVerifyQuote CVE-2024-29040 Affected Packages: tpm2-tss Issue Correction: Run dnf update tpm2-tss --releasever 2023.5.20240819 to update your system. New Packages: aarch64: tpm2-tss-fapi-4.0.2-1.amzn2023.aarch64 ...

Medium: tpm2-tss

Issue Overview: tpm2-tss: arbitrary quote data may go undetected by FapiVerifyQuote CVE-2024-29040 Affected Packages: tpm2-tss Issue Correction: Run dnf update tpm2-tss --releasever 2023.5.20240819 or dnf update --advisory ALAS2023-2024-703 --releasever 2023.5.20240819 to update your system. More...

Medium: ruby3.2

Issue Overview: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory address read vulnerability with Regex search CVE-2024-27282 Affected Packages: ruby3.2 Issue Correction: Run dnf update ruby3.2 --releasever 2023.5.20240819 to update your system. New Packages:...

Medium: python-tqdm

Issue Overview: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version...

Medium: php8.2

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

Medium: containerd

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

Low: ca-certificates

Issue Overview: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from GLOBALTRUST. Certifi 2024.07.04 removes ro...

Medium: ghostscript

Issue Overview: NOTE: https://ghostscript.readthedocs.io/en/gs10.03.1/News.html NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=5ae2e320d69a7d0973011796bd388cd5befa1a43 ghostpdl-10.03.1 NOTE:...

Medium: mod_http2

Issue Overview: Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. CVE-2024-36387 Affected Packages: modhttp2 Issue Correction: Run dnf update modhttp2 --releasever 2023.5.202408...

Medium: ghostscript

Issue Overview: Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name. CVE-2024-29506 Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...

Medium: ghostscript

Issue Overview: Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name. CVE-2024-29506 Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...

Medium: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack. CVE-2024-37894 Affected Packages: squ...

Important: bind

Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...

Medium: php8.2

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

Important: httpd

Issue Overview: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosu...

Low: ca-certificates

Issue Overview: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from GLOBALTRUST. Certifi 2024.07.04 removes ro...

Medium: nodejs

Issue Overview: NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ CVE-2024-27982 Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for fetch, but did not clear them for undici.request. This...

Important: gtk3

Issue Overview: gtk3: gtk2: Library injection from CWD CVE-2024-6655 Affected Packages: gtk3 Issue Correction: Run dnf update gtk3 --releasever 2023.5.20240805 to update your system. New Packages: aarch64: gtk3-immodules-3.24.43-1.amzn2023.0.1.aarch64 ...

Important: python-setuptools

Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...

Medium: nerdctl

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

Medium: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack. CVE-2024-37894 Affected Packages: squ...

Medium: tpm2-tools

Issue Overview: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the attest CVE-2024-29039 Affected Packages: tpm2-tools Issue Correction: Run dnf update tpm2-tools --releasever 2023.5.20240805 or dnf update...

Medium: rapidjson

Issue Overview: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this...

Medium: krb5

Issue Overview: krb5: GSS message token handling CVE-2024-37370 In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. CVE-2024-37371 Affected Packages: krb5 Issue Correction: Run...

Important: dotnet6.0

Issue Overview: .NET and Visual Studio Denial of Service Vulnerability CVE-2024-38095 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0 --releasever 2023.5.20240805 to update your system. New Packages: aarch64: ...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS CVE-2023-52656 In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes CVE-2023-53151 Integer Overflow or...

Medium: libsndfile

Issue Overview: Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts. CVE-2022-33065 Affected Packages: libsndfile Issue Correctio...

Important: dotnet6.0

Issue Overview: .NET and Visual Studio Denial of Service Vulnerability CVE-2024-38095 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0 --releasever 2023.5.20240805 or dnf update --advisory ALAS2023-2024-685 --releasever 2023.5.20240805 to update your system. More informatio...

Medium: rapidjson

Issue Overview: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this...

Medium: mod_http2

Issue Overview: Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. CVE-2024-36387 Affected Packages: modhttp2 Issue Correction: Run dnf update modhttp2 --releasever 2023.5.202408...

Medium: nodejs

Issue Overview: NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ CVE-2024-27982 Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for fetch, but did not clear them for undici.request. This...

Medium: libsndfile

Issue Overview: Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts. CVE-2022-33065 Affected Packages: libsndfile Issue Correctio...

Medium: containerd

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

Medium: openssl

Issue Overview: Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that ar...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep CVE-2024-26605 In the...

Important: python-setuptools

Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...

Important: gtk3

Issue Overview: gtk3: gtk2: Library injection from CWD CVE-2024-6655 Affected Packages: gtk3 Issue Correction: Run dnf update gtk3 --releasever 2023.5.20240805 or dnf update --advisory ALAS2023-2024-675 --releasever 2023.5.20240805 to update your system. More information on how to update your...

Medium: krb5

Issue Overview: krb5: GSS message token handling CVE-2024-37370 In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. CVE-2024-37371 Affected Packages: krb5 Issue Correction: Run...

Important: dotnet8.0

Issue Overview: .NET Core and Visual Studio Denial of Service Vulnerability CVE-2024-30105 .NET and Visual Studio Remote Code Execution Vulnerability CVE-2024-35264 .NET and Visual Studio Denial of Service Vulnerability CVE-2024-38095 Affected Packages: dotnet8.0 Issue Correction: Run dnf update...

Medium: python3.9

Issue Overview: A defect was discovered in the Python "ssl" module where there is a memory race condition with the ssl.SSLContext methods "certstorestats" and "getcacerts". The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContex...

Medium: ghostscript

Issue Overview: NOTE: https://ghostscript.readthedocs.io/en/gs10.03.1/News.html NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=5ae2e320d69a7d0973011796bd388cd5befa1a43 ghostpdl-10.03.1 NOTE:...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep CVE-2024-26605 In the...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS CVE-2023-52656 Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allows Forced Integer Overflow. CVE-2024-23307 A...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-2024-39487 In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section CVE-2024-40947 ...

Medium: python-tqdm

Issue Overview: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version...

Important: dotnet8.0

Issue Overview: .NET Core and Visual Studio Denial of Service Vulnerability CVE-2024-30105 .NET and Visual Studio Remote Code Execution Vulnerability CVE-2024-35264 .NET and Visual Studio Denial of Service Vulnerability CVE-2024-38095 Affected Packages: dotnet8.0 Issue Correction: Run dnf update...

Medium: tpm2-tools

Issue Overview: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the attest CVE-2024-29039 Affected Packages: tpm2-tools Issue Correction: Run dnf update tpm2-tools --releasever 2023.5.20240805 to update your...

Important: bind

Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...

Important: httpd

Issue Overview: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosu...