Ubuntu Security Notice 6998-1 - It was discovered that Unbound incorrectly handled string comparisons, which could lead to a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. It was discovered that Unbound incorrectly handled memory in cfg_mark_ports, which could lead to a heap buffer overflow. A local attacker could potentially use this issue to cause a denial of service or execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-6998-1  
September 11, 2024

unbound vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS  
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Unbound.

Software Description:  
- unbound: validating, recursive, caching DNS resolver

Details:

It was discovered that Unbound incorrectly handled string comparisons,  
which could lead to a NULL pointer dereference. An attacker could  
potentially use this issue to cause a denial of service. (CVE-2024-43167)

It was discovered that Unbound incorrectly handled memory in  
cfg_mark_ports, which could lead to a heap buffer overflow. A local  
attacker could potentially use this issue to cause a denial of service  
or execute arbitrary code. (CVE-2024-43168)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.04 LTS  
   libunbound8                     1.19.2-1ubuntu3.2  
   unbound                         1.19.2-1ubuntu3.2  
   unbound-host                    1.19.2-1ubuntu3.2

Ubuntu 22.04 LTS  
   libunbound8                     1.13.1-1ubuntu5.7  
   unbound                         1.13.1-1ubuntu5.7  
   unbound-host                    1.13.1-1ubuntu5.7

Ubuntu 20.04 LTS  
   libunbound8                     1.9.4-2ubuntu1.8  
   unbound                         1.9.4-2ubuntu1.8  
   unbound-host                    1.9.4-2ubuntu1.8

Ubuntu 18.04 LTS  
   libunbound2                     1.6.7-1ubuntu2.6+esm2  
                                   Available with Ubuntu Pro  
   unbound                         1.6.7-1ubuntu2.6+esm2  
                                   Available with Ubuntu Pro  
   unbound-host                    1.6.7-1ubuntu2.6+esm2  
                                   Available with Ubuntu Pro

Ubuntu 16.04 LTS  
   libunbound2                     1.5.8-1ubuntu1.1+esm1  
                                   Available with Ubuntu Pro  
   unbound                         1.5.8-1ubuntu1.1+esm1  
                                   Available with Ubuntu Pro  
   unbound-host                    1.5.8-1ubuntu1.1+esm1  
                                   Available with Ubuntu Pro

Ubuntu 14.04 LTS  
   libunbound2                     1.4.22-1ubuntu4.14.04.3+esm1  
                                   Available with Ubuntu Pro  
   unbound                         1.4.22-1ubuntu4.14.04.3+esm1  
                                   Available with Ubuntu Pro  
   unbound-host                    1.4.22-1ubuntu4.14.04.3+esm1  
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6998-1  
   CVE-2024-43167, CVE-2024-43168

Package Information:  
   https://launchpad.net/ubuntu/+source/unbound/1.19.2-1ubuntu3.2  
   https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubuntu5.7  
   https://launchpad.net/ubuntu/+source/unbound/1.9.4-2ubuntu1.8

Ubuntu Security Notice USN-6998-1

Red Hat Security Advisory 2024-6576-03 - An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.7 for RHEL 8. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6576.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: redhat-ds:11 security and bug fix update  
Advisory ID:        RHSA-2024:6576-03  
Product:            Red Hat Directory Server  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:6576  
Issue date:         2024-09-11  
Revision:           03  
CVE Names:          CVE-2024-3657  
====================================================================

Summary: 

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.7 for RHEL 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fixes:

* 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953)

* 389-ds-base: Specially crafted kerberos AS-REQ request may cause Denial of Service (CVE-2024-3657)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Improved performance of filter component when evaluating a large value  
set, such as group members  (DIRSRV-153)

* The new connection timeout error no longer breaks error mapping (DIRSRV-154)

Users of Red Hat Directory Server 11 are advised to install these updated packages.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-3657

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2274401  
https://bugzilla.redhat.com/show_bug.cgi?id=2292104

Red Hat Security Advisory 2024-6576-03

Red Hat Security Advisory 2024-6569-03 - An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6569.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: 389-ds:1.4 security updateAdvisory ID:        RHSA-2024:6569-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6569Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-5953====================================================================Summary: An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es):* 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-5953References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2292104

Red Hat Security Advisory 2024-6569-03

Red Hat Security Advisory 2024-6568-03 - An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.9 for RHEL 8.10. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6568.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: redhat-ds:11 security and bug fix updateAdvisory ID:        RHSA-2024:6568-03Product:            Red Hat Directory ServerAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6568Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-5953====================================================================Summary: An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.9 for RHEL 8.10.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.Security Fixes:* 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953) (DIRSRV-151)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es):* Improved performance of filter component when evaluating a large value set, such as group members (DIRSRV-149)* The new connection timeout error no longer breaks error mapping (DIRSRV-150)Users of Red Hat Directory Server 11 are advised to install these updated packages.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-5953References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2292104

Red Hat Security Advisory 2024-6568-03

Red Hat Security Advisory 2024-6567-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include double free, out of bounds access, and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6567.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security update  
Advisory ID:        RHSA-2024:6567-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:6567  
Issue date:         2024-09-11  
Revision:           03  
CVE Names:          CVE-2023-52463  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)

* kernel: nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)

* kernel: mm: cachestat: fix folio read-after-free in cache walk (CVE-2024-26630)

* kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720)

* kernel: Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886)

* kernel: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (CVE-2024-26946)

* kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791)

* kernel: mm: cachestat: fix two shmem bugs (CVE-2024-35797)

* kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems (CVE-2024-35875)

* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)

* kernel: iommufd: Fix missing update of domains_itree after splitting iopt_area (CVE-2023-52801)

* kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)

* kernel: regmap: maple: Fix cache corruption in regcache_maple_drop() (CVE-2024-36019)

* kernel: usb-storage: alauda: Check whether the media is initialized (CVE-2024-38619)

* kernel: net: bridge: mst: fix vlan use-after-free (CVE-2024-36979)

* kernel: scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)

* kernel: xhci: Handle TD clearing for multiple streams case (CVE-2024-40927)

* kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region() (CVE-2024-40936)

* kernel: net/sched: Fix UAF when resolving a clash (CVE-2024-41040)

* kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044)

* kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)

* kernel: PCI/MSI: Fix UAF in msi_capability_init (CVE-2024-41096)

* kernel: xdp: Remove WARN() from __xdp_reg_mem_model() (CVE-2024-42082)

* kernel: x86: stop playing stack games in profile_pc() (CVE-2024-42096)

* kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (CVE-2024-42102)

* kernel: mm: avoid overflows in dirty throttling logic (CVE-2024-42131)

* kernel: nvme: avoid double free special payload (CVE-2024-41073)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-52463

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2265797  
https://bugzilla.redhat.com/show_bug.cgi?id=2269434  
https://bugzilla.redhat.com/show_bug.cgi?id=2269436  
https://bugzilla.redhat.com/show_bug.cgi?id=2273141  
https://bugzilla.redhat.com/show_bug.cgi?id=2275678  
https://bugzilla.redhat.com/show_bug.cgi?id=2278206  
https://bugzilla.redhat.com/show_bug.cgi?id=2281052  
https://bugzilla.redhat.com/show_bug.cgi?id=2281151  
https://bugzilla.redhat.com/show_bug.cgi?id=2281727  
https://bugzilla.redhat.com/show_bug.cgi?id=2281968  
https://bugzilla.redhat.com/show_bug.cgi?id=2282709  
https://bugzilla.redhat.com/show_bug.cgi?id=2284271  
https://bugzilla.redhat.com/show_bug.cgi?id=2284402  
https://bugzilla.redhat.com/show_bug.cgi?id=2293273  
https://bugzilla.redhat.com/show_bug.cgi?id=2293276  
https://bugzilla.redhat.com/show_bug.cgi?id=2293440  
https://bugzilla.redhat.com/show_bug.cgi?id=2297511  
https://bugzilla.redhat.com/show_bug.cgi?id=2297520  
https://bugzilla.redhat.com/show_bug.cgi?id=2300409  
https://bugzilla.redhat.com/show_bug.cgi?id=2300414  
https://bugzilla.redhat.com/show_bug.cgi?id=2300429  
https://bugzilla.redhat.com/show_bug.cgi?id=2300491  
https://bugzilla.redhat.com/show_bug.cgi?id=2300520  
https://bugzilla.redhat.com/show_bug.cgi?id=2300713  
https://bugzilla.redhat.com/show_bug.cgi?id=2301465  
https://bugzilla.redhat.com/show_bug.cgi?id=2301496  
https://bugzilla.redhat.com/show_bug.cgi?id=2301637

Red Hat Security Advisory 2024-6567-03

Red Hat Security Advisory 2024-6560-03 - An update for kpatch-patch-4_18_0-477_43_1 and kpatch-patch-4_18_0-477_67_1 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6560.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch-4_18_0-477_43_1 and kpatch-patch-4_18_0-477_67_1 security updateAdvisory ID:        RHSA-2024:6560-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6560Issue date:         2024-09-10Revision:           03CVE Names:          CVE-2024-41090====================================================================Summary: An update for kpatch-patch-4_18_0-477_43_1 and kpatch-patch-4_18_0-477_67_1 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-4.18.0-477.43.1.el8_8.Security Fix(es):* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-41090References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2299240https://bugzilla.redhat.com/show_bug.cgi?id=2299336

Red Hat Security Advisory 2024-6560-03

Red Hat Security Advisory 2024-6559-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6559.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: postgresql:12 security updateAdvisory ID:        RHSA-2024:6559-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6559Issue date:         2024-09-10Revision:           03CVE Names:          CVE-2024-7348====================================================================Summary: An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:PostgreSQL is an advanced object-relational database management system (DBMS).Security Fix(es):* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-7348References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2024-6559-03

Red Hat Security Advisory 2024-6558-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6558.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: postgresql:13 security updateAdvisory ID:        RHSA-2024:6558-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6558Issue date:         2024-09-10Revision:           03CVE Names:          CVE-2024-7348====================================================================Summary: An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:PostgreSQL is an advanced object-relational database management system (DBMS).Security Fix(es):* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-7348References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2024-6558-03

Red Hat Security Advisory 2024-6557-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6557.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: postgresql:13 security updateAdvisory ID:        RHSA-2024:6557-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6557Issue date:         2024-09-10Revision:           03CVE Names:          CVE-2024-7348====================================================================Summary: An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:PostgreSQL is an advanced object-relational database management system (DBMS).Security Fix(es):* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-7348References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2024-6557-03

Red Hat Security Advisory 2024-6536-03 - Red Hat AMQ Streams 2.5.2 is now available from the Red Hat Customer Portal. Issues addressed include bypass, denial of service, information leakage, and memory leak vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6536.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: Red Hat AMQ Streams 2.5.2 release and security update  
Advisory ID:        RHSA-2024:6536-03  
Product:            Streams for Apache Kafka  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:6536  
Issue date:         2024-09-10  
Revision:           03  
CVE Names:            
====================================================================

Summary: 

Red Hat AMQ Streams 2.5.2 is now available from the Red Hat Customer Portal.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. 

This release of Red Hat AMQ Streams 2.5.2 serves as a replacement for Red Hat AMQ Streams 2.5.1, and includes security and bug fixes, and enhancements.

Security Fix(es):  
* Scala: sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, `IO.unzip` allows writing of arbitrary file. This would have potential to overwrite `/root/.ssh/authorized_keys`. Within sbt's main code, `IO.unzip` is used in `pullRemoteCache` task and `Resolvers.remote`; however many projects use `IO.unzip(...)` directly to implement custom tasks. This vulnerability has been patched in version 1.9.7.(CVE-2023-46122)

* ZooKeeper: Information disclosure in persistent watcher handling. Users are recommended to upgrade to version 3.9.2, 3.8.4 which fixes the issue.  
(CVE-2024-23944)

* ZooKeeper: Authorization Bypass in Apache ZooKeeper [amq-st-2](CVE-2023-44981)

* Snappy: flaw was found in SnappyInputStream in snappy-java. This issue occurs when decompressing data with a too-large chunk size due to a missing upper bound check on chunk length. An unrecoverable fatal error can occur, resulting in a Denial of Service (DoS) (CVE-2023-43642)

* Kafka: snappy-java: Unchecked chunk length leads to DoS [amq-st-2](CVE-2023-34455), (CVE-2024-27309), (CVE-2024-31141)

* Strimzi Operators: vertx-core: io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)

* Strimzi Bridge: flaw was found in SnappyInputStream in snappy-java (CVE-2023-43642)

* Strimzi Bridge: netty-codec-http: Allocation of Resources Without Limits or Throttling (CVE-2024-29025)

* Strimzi Bridge: vertx-core: io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)

* Strimzi Bridge: netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (CVE-2023-44487)

 * Strimzi Bridge: Bump snappy-java to fix (CVE-2023-43642)

* Strimzi OAuth: In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component. (CVE-2023-52428)

* Cruise Control: flaw was found in SnappyInputStream in snappy-java (CVE-2023-43642)

* Cruise Control: jose4j- denial of service via specially crafted JWE (CVE-2023-51775)

 * Cruise Control: Bump snappy-java to fix (CVE-2023-43642)

* Cruise Control: cruise-control reported a high-sev json vulnerability (CVE-2023-5072)

* Cruise Control: Nimbus JOSE+JWT before 9.37.2 (CVE-2023-52428)

* Strimzi Kafka Kubernetes Config Provider: Bump snappy-java to fix (CVE-2023-43642)

Solution:

CVEs:

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://issues.redhat.com/browse/ENTMQST-5366  
https://issues.redhat.com/browse/ENTMQST-5882  
https://issues.redhat.com/browse/ENTMQST-5885  
https://issues.redhat.com/browse/ENTMQST-5886  
https://issues.redhat.com/browse/ENTMQST-6235

Latest News