Ubuntu Security Notice 7069-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7069-1October 15, 2024linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-gcp,linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 18.04 LTS- Ubuntu 16.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems- linux-kvm: Linux kernel for cloud environments- linux-oracle: Linux kernel for Oracle Cloud systems- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe: Linux hardware enablement (HWE) kernelDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - x86 architecture;  - Cryptographic API;  - CPU frequency scaling framework;  - HW tracing;  - ISDN/mISDN subsystem;  - Media drivers;  - Network drivers;  - NVME drivers;  - S/390 drivers;  - SCSI drivers;  - USB subsystem;  - VFIO drivers;  - Watchdog drivers;  - JFS file system;  - IRQ subsystem;  - Core kernel;  - Memory management;  - Amateur Radio drivers;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - Network traffic control;  - TIPC protocol;  - XFRM subsystem;  - Integrity Measurement Architecture(IMA) framework;  - SoC Audio for Freescale CPUs drivers;  - USB sound devices;(CVE-2024-36971, CVE-2024-42271, CVE-2024-38630, CVE-2024-38602,CVE-2024-42223, CVE-2024-44940, CVE-2023-52528, CVE-2024-41097,CVE-2024-27051, CVE-2024-42157, CVE-2024-46673, CVE-2024-39494,CVE-2024-42089, CVE-2024-41073, CVE-2024-26810, CVE-2024-26960,CVE-2024-38611, CVE-2024-31076, CVE-2024-26754, CVE-2023-52510,CVE-2024-40941, CVE-2024-45016, CVE-2024-38627, CVE-2024-38621,CVE-2024-39487, CVE-2024-27436, CVE-2024-40901, CVE-2024-26812,CVE-2024-42244, CVE-2024-42229, CVE-2024-43858, CVE-2024-42280,CVE-2024-26641, CVE-2024-42284, CVE-2024-26602)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 18.04 LTS  linux-image-4.15.0-1136-oracle  4.15.0-1136.147                                  Available with Ubuntu Pro  linux-image-4.15.0-1157-kvm     4.15.0-1157.162                                  Available with Ubuntu Pro  linux-image-4.15.0-1167-gcp     4.15.0-1167.184                                  Available with Ubuntu Pro  linux-image-4.15.0-1174-aws     4.15.0-1174.187                                  Available with Ubuntu Pro  linux-image-4.15.0-1182-azure   4.15.0-1182.197                                  Available with Ubuntu Pro  linux-image-4.15.0-230-generic  4.15.0-230.242                                  Available with Ubuntu Pro  linux-image-4.15.0-230-lowlatency  4.15.0-230.242                                  Available with Ubuntu Pro  linux-image-aws-lts-18.04       4.15.0.1174.172                                  Available with Ubuntu Pro  linux-image-azure-lts-18.04     4.15.0.1182.150                                  Available with Ubuntu Pro  linux-image-gcp-lts-18.04       4.15.0.1167.180                                  Available with Ubuntu Pro  linux-image-generic             4.15.0.230.214                                  Available with Ubuntu Pro  linux-image-kvm                 4.15.0.1157.148                                  Available with Ubuntu Pro  linux-image-lowlatency          4.15.0.230.214                                  Available with Ubuntu Pro  linux-image-oracle-lts-18.04    4.15.0.1136.141                                  Available with Ubuntu Pro  linux-image-virtual             4.15.0.230.214                                  Available with Ubuntu ProUbuntu 16.04 LTS  linux-image-4.15.0-1136-oracle  4.15.0-1136.147~16.04.1                                  Available with Ubuntu Pro  linux-image-4.15.0-1167-gcp     4.15.0-1167.184~16.04.2                                  Available with Ubuntu Pro  linux-image-4.15.0-1174-aws     4.15.0-1174.187~16.04.1                                  Available with Ubuntu Pro  linux-image-4.15.0-230-generic  4.15.0-230.242~16.04.1                                  Available with Ubuntu Pro  linux-image-4.15.0-230-lowlatency  4.15.0-230.242~16.04.1                                  Available with Ubuntu Pro  linux-image-aws-hwe             4.15.0.1174.187~16.04.1                                  Available with Ubuntu Pro  linux-image-gcp                 4.15.0.1167.184~16.04.2                                  Available with Ubuntu Pro  linux-image-generic-hwe-16.04   4.15.0.230.242~16.04.1                                  Available with Ubuntu Pro  linux-image-gke                 4.15.0.1167.184~16.04.2                                  Available with Ubuntu Pro  linux-image-lowlatency-hwe-16.04  4.15.0.230.242~16.04.1                                  Available with Ubuntu Pro  linux-image-oem                 4.15.0.230.242~16.04.1                                  Available with Ubuntu Pro  linux-image-oracle              4.15.0.1136.147~16.04.1                                  Available with Ubuntu Pro  linux-image-virtual-hwe-16.04   4.15.0.230.242~16.04.1                                  Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7069-1  CVE-2023-52510, CVE-2023-52528, CVE-2024-26602, CVE-2024-26641,  CVE-2024-26754, CVE-2024-26810, CVE-2024-26812, CVE-2024-26960,  CVE-2024-27051, CVE-2024-27436, CVE-2024-31076, CVE-2024-36971,  CVE-2024-38602, CVE-2024-38611, CVE-2024-38621, CVE-2024-38627,  CVE-2024-38630, CVE-2024-39487, CVE-2024-39494, CVE-2024-40901,  CVE-2024-40941, CVE-2024-41073, CVE-2024-41097, CVE-2024-42089,  CVE-2024-42157, CVE-2024-42223, CVE-2024-42229, CVE-2024-42244,  CVE-2024-42271, CVE-2024-42280, CVE-2024-42284, CVE-2024-43858,  CVE-2024-44940, CVE-2024-45016, CVE-2024-46673

Ubuntu Security Notice USN-7069-1

Red Hat Security Advisory 2024-8167-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8167.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: firefox security updateAdvisory ID:        RHSA-2024:8167-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8167Issue date:         2024-10-16Revision:           03CVE Names:          CVE-2024-9680====================================================================Summary: An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.Security Fix(es):* firefox: Use-after-free in Animation timeline (128.3.1 ESR Chemspill)(CVE-2024-9680)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9680References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2314431

Red Hat Security Advisory 2024-8167-03

Ubuntu Security Notice 7064-1 - It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink.

==========================================================================  
Ubuntu Security Notice USN-7064-1  
October 15, 2024

nano vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS

Summary:

nano could be made to give users administrator privileges.

Software Description:  
- nano: small, friendly text editor inspired by Pico

Details:

It was discovered that nano allowed a possible privilege escalation  
through an insecure temporary file. If nano was killed while editing, the  
permissions granted to the emergency save file could be used by an  
attacker to escalate privileges using a malicious symlink.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.04 LTS  
  nano                            7.2-2ubuntu0.1

Ubuntu 22.04 LTS  
  nano                            6.2-1ubuntu0.1

Ubuntu 20.04 LTS  
  nano                            4.8-1ubuntu1.1

Ubuntu 18.04 LTS  
  nano                            2.9.3-2ubuntu0.1~esm1  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  nano                            2.5.3-2ubuntu2+esm1  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7064-1  
  CVE-2024-5742

Package Information:  
  https://launchpad.net/ubuntu/+source/nano/7.2-2ubuntu0.1  
  https://launchpad.net/ubuntu/+source/nano/6.2-1ubuntu0.1  
  https://launchpad.net/ubuntu/+source/nano/4.8-1ubuntu1.1

Ubuntu Security Notice USN-7064-1

Red Hat Security Advisory 2024-8166-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass, denial of service, and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8166.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:8166-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8166  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2024-9392  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

* thunderbird: 115.16/128.3 ()

* firefox: thunderbird: Specially crafted WebTransport requests could lead  
to denial of service (CVE-2024-9399)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and  
Thunderbird 131 (CVE-2024-9403)

* firefox: thunderbird: Potential directory upload bypass via clickjacking  
(CVE-2024-9397)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox  
ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3  
(CVE-2024-9401)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox  
ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (CVE-2024-9402)

* firefox: thunderbird: External protocol handlers could be enumerated via  
popups (CVE-2024-9398)

* firefox: thunderbird: Potential memory corruption during JIT compilation  
(CVE-2024-9400)

* firefox: thunderbird: Potential memory corruption may occur when cloning  
certain objects (CVE-2024-9396)

* firefox: thunderbird: Cross-origin access to PDF contents through  
multipart responses (CVE-2024-9393)

* firefox: thunderbird: Cross-origin access to JSON contents through  
multipart responses (CVE-2024-9394)

* firefox: thunderbird: Compromised content process can bypass site  
isolation (CVE-2024-9392)

* firefox: Use-after-free in Animation timeline (128.3.1 ESR Chemspill)  
(CVE-2024-9680)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-9392

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2314431  
https://bugzilla.redhat.com/show_bug.cgi?id=2315945  
https://bugzilla.redhat.com/show_bug.cgi?id=2315947  
https://bugzilla.redhat.com/show_bug.cgi?id=2315949  
https://bugzilla.redhat.com/show_bug.cgi?id=2315950  
https://bugzilla.redhat.com/show_bug.cgi?id=2315951  
https://bugzilla.redhat.com/show_bug.cgi?id=2315952  
https://bugzilla.redhat.com/show_bug.cgi?id=2315953  
https://bugzilla.redhat.com/show_bug.cgi?id=2315954  
https://bugzilla.redhat.com/show_bug.cgi?id=2315956  
https://bugzilla.redhat.com/show_bug.cgi?id=2315957  
https://bugzilla.redhat.com/show_bug.cgi?id=2315959  
https://bugzilla.redhat.com/show_bug.cgi?id=2317442

Red Hat Security Advisory 2024-8166-03

Red Hat Security Advisory 2024-8162-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8162.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security update  
Advisory ID:        RHSA-2024:8162-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8162  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403)

* kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658)

* kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (CVE-2024-35989)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)

* kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978)

* kernel: net/mlx5: Add a timeout to acquire the command queue semaphore (CVE-2024-38556)

* kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (CVE-2024-39483)

* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)

* kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CVE-2024-40959)

* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2281127  
https://bugzilla.redhat.com/show_bug.cgi?id=2281149  
https://bugzilla.redhat.com/show_bug.cgi?id=2281847  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2284571  
https://bugzilla.redhat.com/show_bug.cgi?id=2293078  
https://bugzilla.redhat.com/show_bug.cgi?id=2293443  
https://bugzilla.redhat.com/show_bug.cgi?id=2295921  
https://bugzilla.redhat.com/show_bug.cgi?id=2297474  
https://bugzilla.redhat.com/show_bug.cgi?id=2297543  
https://bugzilla.redhat.com/show_bug.cgi?id=2300517

Red Hat Security Advisory 2024-8162-03

Red Hat Security Advisory 2024-8161-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8161.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: kernel security updateAdvisory ID:        RHSA-2024:8161-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8161Issue date:         2024-10-16Revision:           03CVE Names:          CVE-2021-47560====================================================================Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The kernel packages contain the Linux kernel, the core of any Linux operating system.Security Fix(es):* kernel: kvm: Avoid potential UAF in LPI translation cache (CVE-2024-26598)* kernel: i40e: Do not allow untrusted VF to remove administratively set MAC (CVE-2024-26830)* kernel: udp: do not accept non-tunnel GSO skbs landing in a tunnel (CVE-2024-35884)* kernel: mlxsw: spectrum: Protect driver from buggy firmware (CVE-2021-47560)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2021-47560References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2265801https://bugzilla.redhat.com/show_bug.cgi?id=2275596https://bugzilla.redhat.com/show_bug.cgi?id=2281704https://bugzilla.redhat.com/show_bug.cgi?id=2283389

Red Hat Security Advisory 2024-8161-03

Red Hat Security Advisory 2024-8158-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8158.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel-rt security update  
Advisory ID:        RHSA-2024:8158-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8158  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)

* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)

* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)

* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)

* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2293654  
https://bugzilla.redhat.com/show_bug.cgi?id=2296067  
https://bugzilla.redhat.com/show_bug.cgi?id=2300430  
https://bugzilla.redhat.com/show_bug.cgi?id=2300442  
https://bugzilla.redhat.com/show_bug.cgi?id=2300552

Red Hat Security Advisory 2024-8158-03

Red Hat Security Advisory 2024-8157-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8157.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security update  
Advisory ID:        RHSA-2024:8157-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8157  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)

* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)

* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)

* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)

* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2293654  
https://bugzilla.redhat.com/show_bug.cgi?id=2296067  
https://bugzilla.redhat.com/show_bug.cgi?id=2300430  
https://bugzilla.redhat.com/show_bug.cgi?id=2300442  
https://bugzilla.redhat.com/show_bug.cgi?id=2300552

Red Hat Security Advisory 2024-8157-03

Red Hat Security Advisory 2024-8132-03 - An update for libuv is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a server-side request forgery vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8132.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libuv security updateAdvisory ID:        RHSA-2024:8132-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8132Issue date:         2024-10-15Revision:           03CVE Names:          CVE-2024-24806====================================================================Summary: An update for libuv is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fix(es):* libuv: Improper Domain Lookup that potentially leads to SSRF attacks (CVE-2024-24806)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-24806References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2263292

Red Hat Security Advisory 2024-8132-03

Red Hat Security Advisory 2024-8120-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8120.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: java-11-openjdk security update  
Advisory ID:        RHSA-2024:8120-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8120  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2023-48161  
====================================================================

Summary: 

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.

Security Fix(es):

* giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161)

* JDK: Array indexing integer overflow (8328544) (CVE-2024-21210)

* JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208)

* JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217)

* JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-48161

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2251025  
https://bugzilla.redhat.com/show_bug.cgi?id=2318524  
https://bugzilla.redhat.com/show_bug.cgi?id=2318526  
https://bugzilla.redhat.com/show_bug.cgi?id=2318530  
https://bugzilla.redhat.com/show_bug.cgi?id=2318534

Latest News