Wireless service providers prioritize uptime and lag time, occasionally at the cost of security, allowing attackers to take advantage, steal data, and worse.

Source: peter galleghan via Alamy Stock Photo

Mobile devices are at risk of wanton data theft and denial of service, thanks to vulnerabilities in 5G technologies.

At the upcoming Black Hat 2024 in Las Vegas, a team of seven Penn State University researchers will describe how hackers can go beyond sniffing your Internet traffic by literally providing your Internet connection to you. From there, spying, phishing, and plenty more are all on the table.

It's a remarkably accessible form of attack, they say, involving commonly overlooked vulnerabilities and equipment you can buy online for a couple of hundred dollars.

**Step 1: Set Up a Fake Base Station**

When a device first attempts to connect with a mobile network base station, the two undergo an authentication and key agreement (AKA). The device sends a registration request, and the station replies with requests for authentication and security checks.

Though the station vets the phone, the phone does not initially vet the station. Its legitimacy is essentially accepted as a given.

"Base stations advertise their presence in a particular area by broadcasting 'sib1' messages every 20 milliseconds, or 40 milliseconds, and none of those broadcast messages have authentication, or any kind of security mechanisms," explains Penn State assistant professor Syed Rafiul Hussain. "They're just plaintext messages. So there's no way that a phone or a device can check whether it's coming from a fake tower."

Setting up a fake tower isn't as tall a task as it might seem. You just need to mimic a real one using a software-defined radio (SDR). As Kai Tu, another Penn State research assistant points out, "People can purchase them online — they're easy to get. Then you can get some open source software (OSS) to run on it, and this kind of setup can be used as a fake base station." Expensive SDRs might cost tens of thousands of dollars, but cheap ones that get the job done are available for only a few hundred.

It might seem counterintuitive that a small contraption could seduce your phone away from an established commercial tower. But a targeted attack with a nearby SDR could provide even greater 5G signal strength than a tower servicing thousands of other people at the same time. "By their nature, devices try to connect to the best possible cell towers — that is, the ones providing the highest signal strength," Hussain says.

**Step 2: Exploit a Vulnerability**

Like any security process, AKA can be exploited. In the 5G modem integrated in one popular brand of mobile processor, for example, the researchers found a mishandled security header that an attacker could use to bypass the AKA process entirely.

This processor in question is used in the majority of devices manufactured by two of the world's biggest smartphone companies. Dark Reading has agreed to keep its name confidential.

After having attracted a targeted device, an attacker could use this AKA bypass to return a maliciously crafted "registration accept" message and initiate a connection. At this point the attacker becomes the victim's Internet service provider, capable of seeing everything they do on the Web in unencrypted form. They can also engage the victim by, for example, sending a spear phishing SMS message, or redirecting them to malicious sites.

Though AKA bypass was the most severe, the researchers discovered other vulnerabilities that would allow them to determine a device's location, and perform denial of service (DoS).

**How to Secure 5G**

The Penn State researchers have reported all the vulnerabilities they discovered to their respective mobile vendors, which have all since deployed patches.

A more permanent solution, however, would have to begin with securing 5G authentication. As Hussain says, "If you want to ensure the authenticity of these broadcast messages, you need to use public key infrastructure (PKI). And deploying PKI is expensive — you need to update all of the cell towers. And there are some non-technical challenges. For example, who will be the root certificate authority of the public keys?"

It's unlikely that such an overhaul will happen any time soon, as 5G systems were knowingly built to transmit messages in plaintext for specific reasons.

"It's a matter of incentives. Messages are sent in milliseconds, so if you incorporate some kind of cryptographic mechanism, it will increase the computational overhead for the cell tower and for the user device. Computational overhead is also associated with time, so performance-wise it will be a bit slower," Hussain explains.

Perhaps the performance incentives outweigh security ones. But whether it be via a fake cell tower, Stingray device, or any other means, "They all exploit this feature — the lack of authentication of the initial broadcast messages from the cell towers."

"This is the root of all evil," Hussain adds.

**About the Author(s)**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Your Phone's 5G Connection Is Vulnerable to Bypass, DoS Attacks

Debian Linux Security Advisory 5722-1 - It was discovered that multiple integer overflows in libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service and potentially the execution of arbitrary code.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5722-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJune 26, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : libvpxCVE ID         : CVE-2024-5197It was discovered that multiple integer overflows in libvpx, amultimedia library for the VP8 and VP9 video codecs, may result indenial of service and potentially the execution of arbitrary code.   For the oldstable distribution (bullseye), this problem has been fixedin version 1.9.0-1+deb11u3.For the stable distribution (bookworm), this problem has been fixed inversion 1.12.0-1+deb12u3.We recommend that you upgrade your libvpx packages.For the detailed security status of libvpx please refer toits security tracker page at:https://security-tracker.debian.org/tracker/libvpxFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZ8XGEACgkQEMKTtsN8TjbR3xAAjCKV4coiR5I7kJJmjWma8XZvNs2U6UIr1TMuovp88eglwhfc/ppxfi+i3K4+80Wznd+OqOwPvhOKDkSwR1H+Q1d7l3vRJnHvLOMVzjr8uziabk/P2GdszBWByxFZ9K0iVJZyR0DDhn3gThBuSaPk8Y/9O0vP3ZWl/5cp66b3jdyOl/INVmwfylC8tg2cFIeZJrGTbTI9avbhHvMaxbqvyLIaXM/hvewbN6I0yGhk3y2kasbkyEkDclcgQHzfQc20kPwgcWvJXD5ZD4MEHvXKvjhEfI7SRipgk2wFpxdrxRr/deA9+ZEvW5mnMl0FkuAbOZp0MeqSu1/rWfqdAPy1q0nKJQgnTJ9uLskaYrL+ou/eNvhERD6Vdn5tNpa2pJlNlXkrmxmlUoLPmkgp9mO4EZ0xqaFqarj2KeYipUZMLdU1+19VsWkp+YdmqmrQ1PSIbJ+M+sGCyrStR5V6MSe+FaIW1M+XmGvST98TrHj8MZvjBiqXjjGthhDmXHUhHfY4uM7ivurEjVcPiCJuD+YF7OfuFIxWP7Qoi50JJXeRpo1CYj4CaKwqXpbUQzocfXfiVm9v0I8xeJXhfTxV6K1lowYKTAcJ5u+rfUYYV/Q5nX1D5FqWFPjvNxtgGNF51gBbivEQNja1z7LFVSQs7QtiP6+gXuMFfrBMrhgA/ikO3Mk==AYgJ-----END PGP SIGNATURE-----

Debian Security Advisory 5722-1

Debian Linux Security Advisory 5721-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5721-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 26, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : ffmpeg  
CVE ID         : CVE-2022-48434 CVE-2023-50010 CVE-2023-51793  
                 CVE-2023-51794 CVE-2023-51798

Several vulnerabilities have been discovered in the FFmpeg multimedia  
framework, which could result in denial of service or potentially the  
execution of arbitrary code if malformed files/streams are processed.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 7:4.3.7-0+deb11u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZ8XGAACgkQEMKTtsN8  
TjayWQ//WBpVVtgWkhyjdpro2pRqJ1gOoRJHzHrx0NHBg1Taz1xL5UPj3YTzFJsf  
h73nAlbqe4uf4NjdcOzRjqsTEVXzIAyV34hh+4R0q9ct13e4f/iDxXKFlm/dNmux  
Lyx1lqT0C9yr7//XORM7zW3t7zaBMr/ZDzodw5ecndIqlqGoEH6IhPPAsPE2L2GA  
bFsN4RUeeI3XLbabWnGTB0DdAV/6oU7S9zb7D8uWuM351q9ihRloIQUNuWJdA2Te  
di85QDZdcM78BCIYwZ8gQpvimZG2GyF2erZni/qaOtp8JmhYHD9BdeIEe3fCNmeM  
R7FkNPHgr/f+h3Gu5/wXOutwtyswxH19R1GkdchPd3NtJhHeu1CY9Wf4OboCReCr  
x4N4Tqw36DUzGOy5mAdDfMyulli/bG5hItLG9krk2mNBI421xRnaSYzG2kvcUqNL  
FtxTPyhsr9Rh105y2eQjWjekTW4V8e/CdAvK/YkOgUtPqNob2LbZeoTu0Iig9zWw  
Ur8Brr/vUQvIGxudIoCpNXyD2VDcVMhAivDZRqdFOQoA7omDTIuO9peVF/71w27u  
2ykEG8QZblkCjKLZXb1G1cpIq+VpGO7V0k92sKqw27npBPvqSXSwAsZ78pvL7Om+  
FJdp/rcQngEApQEUgcIAEvae37Da57Cz+0TTnDHa4N/w8HGjH8w=  
=dG6V  
-----END PGP SIGNATURE-----

Debian Security Advisory 5721-1

Red Hat Security Advisory 2024-4160-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4160.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: java-1.8.0-ibm security updateAdvisory ID:        RHSA-2024:4160-03Product:            Red Hat Enterprise Linux SupplementaryAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4160Issue date:         2024-06-27Revision:           03CVE Names:          CVE-2023-38264====================================================================Summary: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.Security Fix(es):* IBM JDK: Object Request Broker (ORB) denial of service (CVE-2023-38264)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-38264References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2279963

Red Hat Security Advisory 2024-4160-03

Red Hat Security Advisory 2024-4146-03 - An update for golang is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include denial of service and memory leak vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4146.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: golang security updateAdvisory ID:        RHSA-2024:4146-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4146Issue date:         2024-06-27Revision:           03CVE Names:          CVE-2023-45288====================================================================Summary: An update for golang is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The golang packages provide the Go programming language compiler.Security Fix(es):* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)* golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45288References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2262921https://bugzilla.redhat.com/show_bug.cgi?id=2268273

Red Hat Security Advisory 2024-4146-03

Red Hat Security Advisory 2024-4118-03 - An update is now available for Red Hat Ceph Storage 5.3. Issues addressed include denial of service and traversal vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4118.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: Red Hat Ceph Storage 5.3 security, bug fix, and enhancement updateAdvisory ID:        RHSA-2024:4118-03Product:            Red Hat Ceph StorageAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4118Issue date:         2024-06-26Revision:           03CVE Names:          CVE-2023-39325====================================================================Summary: An update is now available for Red Hat Ceph Storage 5.3.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.Security Fix(es):* CVE-2023-39325 golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)*  grafana-container: go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569)* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)These new packages include numerous security updates, enhancements, and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:  https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5.3/html/release_notes/indexSolution:https://access.redhat.com/articles/1548993https://access.redhat.com/articles/11258CVEs:CVE-2023-39325References:https://access.redhat.com/security/updates/classification/#moderatehttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003https://access.redhat.com/security/cve/CVE-2023-39325https://access.redhat.com/security/cve/CVE-2023-45142https://access.redhat.com/security/cve/CVE-2023-49569https://bugzilla.redhat.com/show_bug.cgi?id=2243296https://bugzilla.redhat.com/show_bug.cgi?id=2245180https://bugzilla.redhat.com/show_bug.cgi?id=2257733https://bugzilla.redhat.com/show_bug.cgi?id=2258143https://bugzilla.redhat.com/show_bug.cgi?id=2259054https://bugzilla.redhat.com/show_bug.cgi?id=2260356https://bugzilla.redhat.com/show_bug.cgi?id=2264991https://bugzilla.redhat.com/show_bug.cgi?id=2279946https://bugzilla.redhat.com/show_bug.cgi?id=2281592https://bugzilla.redhat.com/show_bug.cgi?id=2291136https://bugzilla.redhat.com/show_bug.cgi?id=2292323https://bugzilla.redhat.com/show_bug.cgi?id=2292327

Red Hat Security Advisory 2024-4118-03

Red Hat Security Advisory 2024-4092-03 - An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.4 for RHEL 9. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4092.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: redhat-ds:12 security, bug fix update  
Advisory ID:        RHSA-2024:4092-03  
Product:            Red Hat Directory Server  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:4092  
Issue date:         2024-06-25  
Revision:           03  
CVE Names:          CVE-2024-2199  
====================================================================

Summary: 

An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.4 for RHEL 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

Description:

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fix(es):

* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) (2267976)

* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) (2274401)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* One level scoped search now returns a subsuffix correctly (BZ#2292903)

* Improved performance of filter component evaluation when tested against a large value set, such as group members (BZ#2293001)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-2199

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2267976  
https://bugzilla.redhat.com/show_bug.cgi?id=2274401  
https://bugzilla.redhat.com/show_bug.cgi?id=2292903  
https://bugzilla.redhat.com/show_bug.cgi?id=2293001

Red Hat Security Advisory 2024-4092-03

Red Hat Security Advisory 2024-4081-03 - An update for the quarkus-mandrel-java and quarkus-mandrel-23 packages is now available for the Red Hat build of Quarkus. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4081.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: [23.0] Security update for the 23.0 release (RPMs)Advisory ID:        RHSA-2024:4081-03Product:            Red Hat build of QuarkusAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4081Issue date:         2024-06-25Revision:           03CVE Names:          CVE-2024-20954====================================================================Summary: An update for the quarkus-mandrel-java and quarkus-mandrel-23 packages is now available for the Red Hat build of Quarkus.Red Hat Product Security has rated this update as having a security impactof Low. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.Description:The quarkus-mandrel-java and quarkus-mandrel-23 packages provide the GraalVM installation for the quarkus/mandrel-23-rhel8:23.0 container image on top of the latest release of OpenJDK 17.0.11.Security Fix(es):* org.graalvm.compiler/compiler: graalvm: Unauthorized Read Access(CVE-2024-20954)* org.graalvm.compiler/compiler: graalvm: unauthorized ability to cause a partial denial of service(CVE-2024-21098)For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVEpage(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-20954References:https://access.redhat.com/security/updates/classification/#lowhttps://bugzilla.redhat.com/show_bug.cgi?id=2278636https://bugzilla.redhat.com/show_bug.cgi?id=2278674

Red Hat Security Advisory 2024-4081-03

Red Hat Security Advisory 2024-4079-03 - An update for the quarkus-mandrel-java and quarkus-mandrel-231 packages is now available for the Red Hat build of Quarkus. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4079.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: [23.1] Security update for the 23.1 release (RPMs)Advisory ID:        RHSA-2024:4079-03Product:            Red Hat build of QuarkusAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4079Issue date:         2024-06-25Revision:           03CVE Names:          CVE-2024-20954====================================================================Summary: An update for the quarkus-mandrel-java and quarkus-mandrel-231 packages isnow available for the Red Hat build of Quarkus.Red Hat Product Security has rated this update as having a security impactof Low. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.Description:The quarkus-mandrel-java and quarkus-mandrel-231 packages provide theGraalVM installation for the quarkus/mandrel-for-jdk-21-rhel8:23.1 container image on top of the latest release of OpenJDK 21.0.3.Security Fix(es):* org.graalvm.compiler/compiler: graalvm: Unauthorized Read Access(CVE-2024-20954)* org.graalvm.compiler/compiler: graalvm: unauthorized ability to cause a partial denial of service(CVE-2024-21098)For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVEpage(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-20954References:https://access.redhat.com/security/updates/classification/#lowhttps://bugzilla.redhat.com/show_bug.cgi?id=2278636https://bugzilla.redhat.com/show_bug.cgi?id=2278674

Red Hat Security Advisory 2024-4079-03

Red Hat Security Advisory 2024-4078-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and traversal vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4078.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python3.9 security updateAdvisory ID:        RHSA-2024:4078-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4078Issue date:         2024-06-25Revision:           03CVE Names:          CVE-2023-6597====================================================================Summary: An update for python3.9 is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.Security Fix(es):* python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597)* python: The zipfile module is vulnerable to zip-bombs leading to denial of service (CVE-2024-0450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6597References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2276518https://bugzilla.redhat.com/show_bug.cgi?id=2276525

Tag

#dos