Red Hat Security Advisory 2024-6720-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6720.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:6720-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:6720  
Issue date:         2024-09-17  
Revision:           03  
CVE Names:          CVE-2024-7652  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: 115.15/128.2 ()

* mozilla: Type confusion when looking up a property name in a "with" block (CVE-2024-8381)

* mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran (CVE-2024-8382)

* mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions (CVE-2024-8384)

* mozilla: WASM type confusion involving ArrayTypes (CVE-2024-8385)

* mozilla: SelectElements could be shown over another site if popups are allowed (CVE-2024-8386)

* mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 (CVE-2024-8387)

* thunderbird: Crash when aborting verification of OTR chat (CVE-2024-8394)

* mozilla: Type Confusion in Async Generators in Javascript Engine (CVE-2024-7652)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-7652

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2307331  
https://bugzilla.redhat.com/show_bug.cgi?id=2309427  
https://bugzilla.redhat.com/show_bug.cgi?id=2309428  
https://bugzilla.redhat.com/show_bug.cgi?id=2309430  
https://bugzilla.redhat.com/show_bug.cgi?id=2309431  
https://bugzilla.redhat.com/show_bug.cgi?id=2309432  
https://bugzilla.redhat.com/show_bug.cgi?id=2309433  
https://bugzilla.redhat.com/show_bug.cgi?id=2310481  
https://bugzilla.redhat.com/show_bug.cgi?id=2310490

Red Hat Security Advisory 2024-6720-03

Red Hat Security Advisory 2024-6719-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6719.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:6719-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:6719  
Issue date:         2024-09-17  
Revision:           03  
CVE Names:          CVE-2024-7652  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: 115.15/128.2 ()

* mozilla: Type confusion when looking up a property name in a "with" block (CVE-2024-8381)

* mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran (CVE-2024-8382)

* mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions (CVE-2024-8384)

* mozilla: WASM type confusion involving ArrayTypes (CVE-2024-8385)

* mozilla: SelectElements could be shown over another site if popups are allowed (CVE-2024-8386)

* mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 (CVE-2024-8387)

* thunderbird: Crash when aborting verification of OTR chat (CVE-2024-8394)

* mozilla: Type Confusion in Async Generators in Javascript Engine (CVE-2024-7652)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-7652

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2307331  
https://bugzilla.redhat.com/show_bug.cgi?id=2309427  
https://bugzilla.redhat.com/show_bug.cgi?id=2309428  
https://bugzilla.redhat.com/show_bug.cgi?id=2309430  
https://bugzilla.redhat.com/show_bug.cgi?id=2309431  
https://bugzilla.redhat.com/show_bug.cgi?id=2309432  
https://bugzilla.redhat.com/show_bug.cgi?id=2309433  
https://bugzilla.redhat.com/show_bug.cgi?id=2310481  
https://bugzilla.redhat.com/show_bug.cgi?id=2310490

Red Hat Security Advisory 2024-6719-03

Debian Linux Security Advisory 5769-1 - Multiple issues were found in Git, a fast, scalable, distributed revision control system, which may result in file overwrites outside the repository, arbitrary configuration injection or arbitrary code execution.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5769-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoSeptember 13, 2024                    https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : gitCVE ID         : CVE-2023-25652 CVE-2023-25815 CVE-2023-29007 CVE-2024-32002                 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465Debian Bug     : 1034835 1071160Multiple issues were found in Git, a fast, scalable, distributedrevision control system, which may result in file overwrites outside therepository, arbitrary configuration injection or arbitrary codeexecution.For the stable distribution (bookworm), these problems have been fixed inversion 1:2.39.5-0+deb12u1.We recommend that you upgrade your git packages.For the detailed security status of git please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/gitFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmbklgFfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0QD9RAAiN4YarOU7lbe6MnW4vRpz1qJA4ph8WgtqRs5GKgMUBOPcLCCqDim/9Ylvib6iaH/8WW5Rh9TDXY5BuWZ/Ek5zU9oDcde2E3r4VUJDKdSICjyBpooc5iLsJpTjh8lHio+UjrNqBqoLAtyarCsj1muvO8l/f96O6qotP/wUJVqZfAyCpHFeeApzj7MdXWNt/j5YBSiu7dwZY+p0E1cKwGglJtZnUCcyJaelnLd6Igu2Lq+4OvuhqWhsmeEaDauOY43WA7Qwpu814XJG9lrMAyWZJFWnT/NEGYi0dm2vhbZzoS4V/WvCmtfyrCJlkXzKgG737YMpI99T7eP75BhSF6dw8aC5HCT6cG5Gv1apEhVC2hMIVot3ZVL/7ojml972rjltmMMgILStR7N9JWrDqXPpn8SWslwjMLfxHslZzG3YGJV5ihXtvefWafH7c0X7WVT1yTdE1FrTOnCIUfPc/J+jEXMWNd+vsV3aHdVVdZoHj8bDso47CZqMYwTa2Q0opuv+4CDnuG1wUZzv4ap1w21C36tSwIZ1u8CEMhyYzdZV7TUf/0XsDNsms2ewRNmEWXHGvxsw1+wdTpFeb9iahoGTfcDPq3gdr4W74yRn5ZryREu6G2C0zGMaPkfyjGcnDiHTGsET2qxX5Je0iTsLraWbLAB0iyHmABzsDCn/pJc7lE==iG6s-----END PGP SIGNATURE-----

Debian Security Advisory 5769-1

Red Hat Security Advisory 2024-6663-03 - An update for kpatch-patch-4_18_0-305_120_1 and kpatch-patch-4_18_0-305_138_1 is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6663.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch-4_18_0-305_120_1 and kpatch-patch-4_18_0-305_138_1 security updateAdvisory ID:        RHSA-2024:6663-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6663Issue date:         2024-09-14Revision:           03CVE Names:          CVE-2024-41090====================================================================Summary: An update for kpatch-patch-4_18_0-305_120_1 and kpatch-patch-4_18_0-305_138_1 is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-4.18.0-305.120.1.el8_4.Security Fix(es):* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-41090References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2299240https://bugzilla.redhat.com/show_bug.cgi?id=2299336

Red Hat Security Advisory 2024-6663-03

Red Hat Security Advisory 2024-6662-03 - An update for python-setuptools is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6662.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-setuptools security updateAdvisory ID:        RHSA-2024:6662-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6662Issue date:         2024-09-14Revision:           03CVE Names:          CVE-2024-6345====================================================================Summary: An update for python-setuptools is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 7-ELS Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6345References:https://access.redhat.com/security/updates/classification/#importanthttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7-ELS/html/7-ELS_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2297771

Red Hat Security Advisory 2024-6662-03

IFSC Code Finder Portal version 1.0 suffers from an ignored default credential vulnerability.

**IFSC Code Finder Portal 1.0 Insecure Settings**

Posted Sep 16, 2024

Authored by indoushka

IFSC Code Finder Portal version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 4c8714f261d6bcdc7f5ee89b4f1473342ced816a03f174b9a8bc607a329616e0

Download | Favorite | View

**IFSC Code Finder Portal 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : IFSC Code Finder Portal v1.0 Insecure Settings Vulnerability                                                                || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://phpgurukul.com/ifsc-code-finder-project-using-php/                                                                  |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = Test@123[+] http://127.0.0.1/ifscfinder/admin/login.phpGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,759)
*   Arbitrary (17,063)
*   BBS (2,859)
*   Bypass (1,915)
*   CGI (1,047)
*   Code Execution (7,895)
*   Conference (692)
*   Cracker (844)
*   CSRF (3,423)
*   DoS (25,236)
*   Encryption (2,394)
*   Exploit (54,214)
*   File Inclusion (4,273)
*   File Upload (1,012)
*   Firewall (822)
*   Info Disclosure (2,913)
*   Intrusion Detection (918)
*   Java (3,156)
*   JavaScript (908)
*   Kernel (7,272)
*   Local (14,848)
*   Magazine (587)
*   Overflow (13,212)
*   Perl (1,435)
*   PHP (5,262)
*   Proof of Concept (2,409)
*   Protocol (3,749)
*   Python (1,656)
*   Remote (31,860)
*   Root (3,671)
*   Rootkit (529)
*   Ruby (640)
*   Scanner (1,657)
*   Security Tool (8,046)
*   Shell (3,303)
*   Shellcode (1,219)
*   Sniffer (904)
*   Spoof (2,292)
*   SQL Injection (16,716)
*   TCP (2,463)
*   Trojan (690)
*   UDP (919)
*   Virus (673)
*   Vulnerability (33,064)
*   Web (10,136)
*   Whitepaper (3,784)
*   x86 (970)
*   XSS (18,290)
*   Other

**File Archives**

*   September 2024
*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   Older

**Systems**

*   AIX (430)
*   Apple (2,104)
*   BSD (378)
*   CentOS (61)
*   Cisco (1,954)
*   Debian (7,120)
*   Fedora (1,693)
*   FreeBSD (1,247)
*   Gentoo (4,567)
*   HPUX (881)
*   iOS (387)
*   iPhone (108)
*   IRIX (220)
*   Juniper (71)
*   Linux (51,142)
*   Mac OS X (696)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,780)
*   Slackware (941)
*   Solaris (1,615)
*   SUSE (1,444)
*   Ubuntu (9,828)
*   UNIX (9,454)
*   UnixWare (188)
*   Windows (6,766)
*   Other

IFSC Code Finder Portal 1.0 Insecure Settings

Red Hat Security Advisory 2024-6661-03 - An update for python3-setuptools is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6661.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python3-setuptools security updateAdvisory ID:        RHSA-2024:6661-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6661Issue date:         2024-09-14Revision:           03CVE Names:          CVE-2024-6345====================================================================Summary: An update for python3-setuptools is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 7-ELS Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6345References:https://access.redhat.com/security/updates/classification/#importanthttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7-ELS/html/7-ELS_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2297771

Red Hat Security Advisory 2024-6661-03

GYM Management System version 1.0 suffers from an ignored default credential vulnerability.

**GYM Management System 1.0 Insecure Settings**

Posted Sep 16, 2024

Authored by indoushka

GYM Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 5ee11f413d4f6dbbb71c2d782424145f8284d96790518d7c0e3923c5bd409844

Download | Favorite | View

**GYM Management System 1.0 Insecure Settings**

    ====================================================================================================================================| # Title     : GYM Management System 1.0 Insecure Settings Vulnerability                                                          || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.0 (64 bits)                                                   || # Vendor    : https://phpgurukul.com/gym-management-system-using-php-and-mysql/                                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload :     Username: admin@gmail.com      Password: Test@123[+] http://127.0.0.1/agms/admin/dashboard.phpGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,759)
*   Arbitrary (17,063)
*   BBS (2,859)
*   Bypass (1,915)
*   CGI (1,047)
*   Code Execution (7,895)
*   Conference (692)
*   Cracker (844)
*   CSRF (3,423)
*   DoS (25,236)
*   Encryption (2,394)
*   Exploit (54,214)
*   File Inclusion (4,273)
*   File Upload (1,012)
*   Firewall (822)
*   Info Disclosure (2,913)
*   Intrusion Detection (918)
*   Java (3,156)
*   JavaScript (908)
*   Kernel (7,272)
*   Local (14,848)
*   Magazine (587)
*   Overflow (13,212)
*   Perl (1,435)
*   PHP (5,262)
*   Proof of Concept (2,409)
*   Protocol (3,749)
*   Python (1,656)
*   Remote (31,860)
*   Root (3,671)
*   Rootkit (529)
*   Ruby (640)
*   Scanner (1,657)
*   Security Tool (8,046)
*   Shell (3,303)
*   Shellcode (1,219)
*   Sniffer (904)
*   Spoof (2,292)
*   SQL Injection (16,716)
*   TCP (2,463)
*   Trojan (690)
*   UDP (919)
*   Virus (673)
*   Vulnerability (33,064)
*   Web (10,136)
*   Whitepaper (3,784)
*   x86 (970)
*   XSS (18,290)
*   Other

**File Archives**

*   September 2024
*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   Older

**Systems**

*   AIX (430)
*   Apple (2,104)
*   BSD (378)
*   CentOS (61)
*   Cisco (1,954)
*   Debian (7,120)
*   Fedora (1,693)
*   FreeBSD (1,247)
*   Gentoo (4,567)
*   HPUX (881)
*   iOS (387)
*   iPhone (108)
*   IRIX (220)
*   Juniper (71)
*   Linux (51,142)
*   Mac OS X (696)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,780)
*   Slackware (941)
*   Solaris (1,615)
*   SUSE (1,444)
*   Ubuntu (9,828)
*   UNIX (9,454)
*   UnixWare (188)
*   Windows (6,766)
*   Other

GYM Management System 1.0 Insecure Settings

In a previous post-quantum (PQ) article, we introduced the threat that quantum computing presents for any systems, networks and applications that utilize cryptography. In this article, you’ll learn what you can do to assist your organization in achieving crypto-agility with Red Hat and what to expect of Red Hat products as we begin to integrate post-quantum cryptographic functions into them.The capabilities described in the following sections assume timely and functional implementation of industry standards and specifications and the libraries that implement them. If these are not achieved,

In a previous post-quantum (PQ) article, we introduced the threat that quantum computing presents for any systems, networks and applications that utilize cryptography. In this article, you’ll learn what you can do to assist your organization in achieving crypto-agility with Red Hat and what to expect of Red Hat products as we begin to integrate post-quantum cryptographic functions into them.

The capabilities described in the following sections assume timely and functional implementation of industry standards and specifications and the libraries that implement them. If these are not achieved, availability of these PQ-capabilities will likely be delayed.

****How you can get ready to take advantage of post-quantum cryptographic functions****

Customers are encouraged to inventory their sensitive and critical data and its location in their environments, and also to understand where they are receiving their encryption protections for this data. This can help them prioritize crypto-agility efforts on their most highly sensitive and critical assets and data.

****Concerning data at rest****

Customers will have to evaluate how to limit access to keys encrypted with classical asymmetric algorithms until a general solution for quantum-resistant key wrapping can be deployed. Data is generally encrypted with symmetric ciphers, and customers are recommended to make sure the key size is appropriate for the data they are protecting and to consider schemes that can provide 256-bit strength. The keys used in these schemes may themselves be protected using asymmetric encryption.

****Concerning data in transit and key exchange****

Customers will be able to optionally configure PQ-Capable Transport Layer Security (TLS), which is planned for inclusion in RHEL 10 but will not be enabled by default. For the Secure Shell protocol (SSH), Red Hat is waiting for upstream community adoption of NIST’s recent algorithm decision. When the upstream community has adopted the determined algorithm, Red Hat plans to integrate the appropriate packages and libraries for inclusion in a future RHEL version. Red Hat is closely monitoring the IETF’s discussion regarding Internet Protocol Security (IPsec) and once a decision has been made, Red Hat intends to identify a path for productization.

****Concerning data in transit and certificates****

While still early in the standardization process, TLS certificates will require years to standardize and then reach sufficient adoption due to a fundamental rebuild of world-wide Public Key Infrastructure (PKI), which is needed to transition to quantum-resistant certificate signature. Many outstanding decisions need to be made such as options for encoding post-quantum algorithms into signatures, decisions around hybrid keys versus separation of classic and post-quantum keys for certificates, compression due to key size, and more.

Red Hat is exploring the impact of this change across the upstream open source projects that we participate in along with Red Hat products, with the intent to be in the best position for the change with the least amount of impact. While SSH certificates are somewhat easier to deploy due to locality, the simplicity of their certificate structure and the "trust on first use" (TOFU) model do not use a centralized PKI or certificate chains which would otherwise be leveraged to facilitate the transition to PQ-Ready SSH certificates.

While IPsec certificates are subject to the same complexity and rebuild as TLS certificates, IPsec deployments often use custom certificate chains (private PKIs), so customers may experience a speedier deployment than public TLS in this regard. It is still dependent on the IETF coming to a decision.

****Concerning signing****

For software signing, Pretty Good Privacy (PGP) signatures which are used for RPM Package Manager (RPM) and Dandified Yum package manager (DNF), are currently undergoing standardization of resistant schemes with the IETF. The Sigstore project, to which Red Hat is a contributor, has a plan for adding configurable signing algorithms which may ease the transition to quantum-resistant algorithms in the future. Red Hat is engaged and keeping track of these efforts so as to quickly integrate quantum readiness into the portfolio.

For document and email signing, Cryptographic Message Syntax (CMS) and Secure/Multipurpose Internet Mail Extensions (S/MIME) are under development with standards bodies and organizations of competence (i.e. NIST, IETF, and others) and will experience similar challenges to implement as with TLS certificates and PKI infrastructure. Use of PGP signatures for document and email signing are contingent upon standardization with IETF as previously noted.

****What to expect of Red Hat products****

**Red Hat Enterprise Linux (RHEL)** serves as the foundation for Red Hat products. As RHEL cryptographic libraries become PQ-Capable and PQ-Ready, other Red Hat products will adopt those libraries. Some Red Hat products use or include cryptographic libraries that are not provided by RHEL in addition to or in place of cryptographic libraries provided by RHEL. These products will be adopting and integrating libraries that utilize NIST-approved quantum-resistant algorithms when they are available either as RHEL-provided or as part of their planning cycle (depending on the library and its source). As a result, customers will experience variability in the availability of PQ-Capable and PQ-Ready products.

Each product will have a different timeline for becoming PQ-Capable and PQ-Ready. Most products will follow behind RHEL, subject to cryptographic function use, affected libraries, protocols and other dependencies.  For example, if a cryptographic function is available in RHEL, it does not mean that it is readily available in Red Hat OpenShift at the same time. At this time there are no plans to deliver existing products with post-quantum cryptographic functions enabled by default.

****RHEL****

**Customers can expect RHEL 10 to be PQ-Capable.** Red Hat is targeting RHEL 10 to provide NIST-approved post-quantum cryptographic functions for RHEL and for use in custom applications. Customers can expect that some RHEL 10 components will use these functions, but not all RHEL 10 components will be PQ-Ready. Where RHEL 10 components have post-quantum cryptographic functions available, they will not be used by default in those components. Customers will be able to configure their RHEL servers to use post-quantum cryptographic functions in PQ-Capable components.

Customers _**should not**_ anticipate post-quantum cryptographic functions to be backported or included in RHEL 9 or earlier versions of RHEL.

**Customers can expect future RHEL releases to become PQ-Ready.** In future RHEL releases, post-quantum cryptographic functions will be available, and most RHEL components will transition to PQ-Ready.

****Red Hat OpenShift****

**Customers leveraging Red Hat OpenShift will inherit PQ-Capable cryptography as RHEL 10 becomes integrated.** OpenShift uses Red Hat Enterprise Linux CoreOS , a container-oriented operating system that is specifically designed for running containerized applications. When the RHEL 10-based PQ-Capable kernel is available and as other RHEL crypto libraries incorporate post-quantum cryptography, these will be included in Red Hat Enterprise Linux CoreOS and it will become PQ-Capable. In addition, OpenShift layered operators will, over time, be updated with RHEL 10 content.

**Customers leveraging Red Hat OpenShift will inherit PQ-Ready cryptography as included components become PQ-Ready, integrated, configured by default and released.** Following the same consecutive events defined above, the OpenShift family of products will become PQ-Ready as future RHEL-based PQ-Ready kernels are available and as directly incorporated post-quantum crypto libraries are configured as default, with the option to configure classical algorithms as needed. As new kernels are available, customers should expect some delay between their availability and the time at which the OpenShift family and other layered products provide PQ-Ready content.

****Red Hat OpenStack Services on OpenShift****

**Customers leveraging Red Hat OpenStack Services on OpenShift and previous versions of Red Hat OpenStack Platform will inherit PQ-Capable cryptography as RHEL 10 and OpenShift become integrated.** Red Hat OpenStack Services on OpenShift and the above are based on two main pieces:

*   Red Hat OpenStack Services on OpenShift control plane is now in the OpenShift family of products, with pods running on OpenShift and as such uses the cryptography provided by Red Hat Enterprise Linux Core OS. Please refer to the OpenShift section
*   Red Hat OpenStack Services on OpenShift data plane is based on RHEL, and as such leverages the RHEL provided cryptographic modules. Please refer to the RHEL section

When both products use PQ-Ready kernels, Red Hat OpenStack Services on OpenShift will be PQ-Capable.

**Customers leveraging Red Hat OpenStack will inherit PQ-Ready cryptography as included components become PQ-Ready, integrated, configured by default and released.** Following the same consecutive events defined above, OpenStack will become PQ-Ready as both RHEL and OpenShift/Red Hat Enterprise Linux Core OS become PQ-Ready.

****Red Hat Ansible Automation Platform****

**Customers using Ansible Automation Platform will inherit PQ-Capable and PQ-Ready cryptography as it becomes available, integrated and released.**  Ansible Automation Platform consumes cryptography provided by RHEL, so statements regarding PQ-Capable and PQ-Ready overall follow what is stated for RHEL.

****Red Hat Middleware and Application Services****

**Customers using Red Hat Middleware and Application Services will inherit PQ-Capable and PQ-Ready cryptography as it becomes available, integrated and released.**  Red Hat’s collection of Middleware products and Applications Services (such as JBoss EAP, Data Grid, AMQ, Fuse, Quarkus and others) consume cryptography provided by RHEL. Therefore, statements regarding PQ-Capable and PQ-Ready overall follow what is stated for RHEL. Any cryptographic exchange not originating with Red Hat products (such as endpoint/client initiated) is outside Red Hat's authority to provide post-quantum timelines. PQ-Capable and PQ-Ready statements do not apply to Middleware and Application services that are not currently packaged with cryptography.

****Managing ongoing quantum-security risk with crypto-agility****

There is an ongoing risk that cryptanalysis (the process of analyzing and decrypting ciphers, codes and encrypted text to breach cryptographic protections) will uncover severe or even fatal flaws for these new algorithms. As such, Red Hat is committed to helping customers achieve crypto-agility through selection of contemporary and emergent approved algorithms, enabling support for hybrid implementations to maintain a strong security posture as new algorithms and packages are approved, incorporated and used. Please refer to our previous article for more information on hybrid implementation.

Red Hat’s response to vulnerabilities discovered and reported against cryptographic algorithms will adhere to Red Hat’s current vulnerability and incident response program for remediation.

Red Hat remains committed to partnering with upstream open source projects and maintainers to assist and prioritize inclusion of those functions.

****More information****

If you have additional questions, please reach out to your Red Hat account manager. Red Hat is committed to supporting customers in achieving and maintaining post-quantum security.

How Red Hat is integrating post-quantum cryptography into our products

Ubuntu Security Notice 7009-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-7009-1September 13, 2024linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure: Linux kernel for Microsoft Azure Cloud systems- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systemsDetails:Chenyuan Yang discovered that the CEC driver driver in the Linux kernelcontained a use-after-free vulnerability. A local attacker could use thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2024-23848)Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kerneldid not properly check for the device to be enabled before writing. A localattacker could possibly use this to cause a denial of service.(CVE-2024-25741)It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash). (CVE-2024-40902)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM64 architecture;  - M68K architecture;  - MIPS architecture;  - PowerPC architecture;  - RISC-V architecture;  - x86 architecture;  - Block layer subsystem;  - Cryptographic API;  - Accessibility subsystem;  - ACPI drivers;  - Serial ATA and Parallel ATA drivers;  - Drivers core;  - Bluetooth drivers;  - Character device driver;  - CPU frequency scaling framework;  - Hardware crypto device drivers;  - Buffer Sharing and Synchronization framework;  - DMA engine subsystem;  - FPGA Framework;  - GPIO subsystem;  - GPU drivers;  - Greybus drivers;  - HID subsystem;  - HW tracing;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - Input Device (Mouse) drivers;  - Macintosh device drivers;  - Multiple devices driver;  - Media drivers;  - VMware VMCI Driver;  - Network drivers;  - Near Field Communication (NFC) drivers;  - NVME drivers;  - Pin controllers subsystem;  - PTP clock framework;  - S/390 drivers;  - SCSI drivers;  - SoundWire subsystem;  - Greybus lights staging drivers;  - Media staging drivers;  - Thermal drivers;  - TTY drivers;  - USB subsystem;  - DesignWare USB3 driver;  - Framebuffer layer;  - ACRN Hypervisor Service Module driver;  - eCrypt file system;  - File systems infrastructure;  - Ext4 file system;  - F2FS file system;  - JFFS2 file system;  - JFS file system;  - NILFS2 file system;  - NTFS3 file system;  - SMB network file system;  - IOMMU subsystem;  - Memory management;  - Netfilter;  - BPF subsystem;  - Kernel debugger infrastructure;  - DMA mapping infrastructure;  - IRQ subsystem;  - Tracing infrastructure;  - 9P file system network protocol;  - B.A.T.M.A.N. meshing protocol;  - CAN network layer;  - Ceph Core library;  - Networking core;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - MAC80211 subsystem;  - Multipath TCP;  - NET/ROM layer;  - NFC subsystem;  - Open vSwitch;  - Network traffic control;  - TIPC protocol;  - TLS protocol;  - Unix domain sockets;  - Wireless networking;  - XFRM subsystem;  - ALSA framework;  - SoC Audio for Freescale CPUs drivers;  - Kirkwood ASoC drivers;(CVE-2024-38613, CVE-2024-42096, CVE-2024-40908, CVE-2024-42137,CVE-2024-38590, CVE-2024-41044, CVE-2024-39480, CVE-2024-39469,CVE-2024-39471, CVE-2024-42089, CVE-2024-38588, CVE-2024-41092,CVE-2024-42120, CVE-2024-40901, CVE-2024-40981, CVE-2024-42127,CVE-2024-40932, CVE-2024-39475, CVE-2024-40957, CVE-2024-39501,CVE-2024-42090, CVE-2024-40904, CVE-2024-40978, CVE-2022-48772,CVE-2024-40934, CVE-2024-38548, CVE-2024-41005, CVE-2024-36489,CVE-2024-36978, CVE-2024-38573, CVE-2024-42106, CVE-2024-42104,CVE-2024-42085, CVE-2024-38621, CVE-2024-42098, CVE-2024-38662,CVE-2024-38587, CVE-2024-41089, CVE-2024-42095, CVE-2024-40916,CVE-2024-39487, CVE-2024-42229, CVE-2023-52884, CVE-2024-40974,CVE-2024-40980, CVE-2024-42225, CVE-2024-39502, CVE-2024-37356,CVE-2024-39488, CVE-2024-40912, CVE-2024-39507, CVE-2024-38591,CVE-2024-31076, CVE-2024-40984, CVE-2024-39500, CVE-2024-38582,CVE-2024-34027, CVE-2024-36270, CVE-2024-42076, CVE-2024-42247,CVE-2024-42154, CVE-2024-41047, CVE-2024-42244, CVE-2024-41049,CVE-2024-33847, CVE-2024-36015, CVE-2024-42161, CVE-2024-42082,CVE-2024-41048, CVE-2024-40961, CVE-2024-41000, CVE-2024-38598,CVE-2024-41040, CVE-2024-36971, CVE-2024-41007, CVE-2024-36972,CVE-2024-38610, CVE-2024-40937, CVE-2024-38615, CVE-2024-38555,CVE-2024-40943, CVE-2024-39466, CVE-2024-40990, CVE-2024-42115,CVE-2024-40995, CVE-2024-38612, CVE-2024-40987, CVE-2024-38558,CVE-2024-42236, CVE-2024-38381, CVE-2024-42157, CVE-2024-38560,CVE-2024-42101, CVE-2024-40970, CVE-2024-42094, CVE-2024-42148,CVE-2024-35247, CVE-2024-40963, CVE-2024-38580, CVE-2024-38633,CVE-2024-38637, CVE-2024-40905, CVE-2024-41093, CVE-2024-38619,CVE-2024-42093, CVE-2024-40945, CVE-2024-42092, CVE-2024-36286,CVE-2024-40954, CVE-2024-41041, CVE-2024-38571, CVE-2024-39503,CVE-2024-38546, CVE-2024-40976, CVE-2024-36014, CVE-2024-41087,CVE-2024-42109, CVE-2024-42070, CVE-2024-42080, CVE-2024-41006,CVE-2024-42145, CVE-2024-40960, CVE-2024-38597, CVE-2024-42086,CVE-2024-40967, CVE-2024-42130, CVE-2024-42153, CVE-2024-39509,CVE-2024-40914, CVE-2024-39277, CVE-2024-41055, CVE-2024-41095,CVE-2024-38780, CVE-2024-36974, CVE-2024-38607, CVE-2024-38583,CVE-2024-40927, CVE-2024-39490, CVE-2024-38599, CVE-2023-52887,CVE-2024-38565, CVE-2024-38552, CVE-2024-40942, CVE-2024-37078,CVE-2024-40911, CVE-2024-41035, CVE-2024-38550, CVE-2024-42102,CVE-2024-42121, CVE-2024-36032, CVE-2024-42240, CVE-2024-42140,CVE-2024-38589, CVE-2024-40931, CVE-2024-39505, CVE-2024-38596,CVE-2024-42223, CVE-2024-38567, CVE-2024-39495, CVE-2024-40959,CVE-2024-38586, CVE-2024-42087, CVE-2024-38661, CVE-2024-41097,CVE-2024-38559, CVE-2024-38618, CVE-2024-39493, CVE-2024-41002,CVE-2024-40958, CVE-2024-39468, CVE-2024-38601, CVE-2024-39499,CVE-2024-39482, CVE-2024-38579, CVE-2024-42077, CVE-2024-38578,CVE-2024-34777, CVE-2024-39301, CVE-2024-38605, CVE-2024-42131,CVE-2024-42084, CVE-2024-41027, CVE-2024-40968, CVE-2024-38547,CVE-2024-42119, CVE-2024-38627, CVE-2024-40941, CVE-2024-40994,CVE-2024-40988, CVE-2024-40902, CVE-2024-41046, CVE-2024-38549,CVE-2024-39506, CVE-2024-38634, CVE-2024-42124, CVE-2024-42105,CVE-2024-38623, CVE-2024-38624, CVE-2024-33621, CVE-2024-42068,CVE-2024-36894, CVE-2024-39489, CVE-2024-42270, CVE-2024-40929,CVE-2024-39276, CVE-2024-42152, CVE-2024-41034, CVE-2024-40983,CVE-2024-42224, CVE-2024-40956, CVE-2024-40971, CVE-2024-38635,CVE-2024-42097, CVE-2024-42232, CVE-2024-38659, CVE-2024-39467,CVE-2024-41004)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  linux-image-5.15.0-1072-azure   5.15.0-1072.81  linux-image-5.15.0-1072-azure-fde  5.15.0-1072.81.1  linux-image-azure-fde-lts-22.04  5.15.0.1072.81.49  linux-image-azure-lts-22.04     5.15.0.1072.70Ubuntu 20.04 LTS  linux-image-5.15.0-1072-azure   5.15.0-1072.81~20.04.1  linux-image-azure               5.15.0.1072.81~20.04.1  linux-image-azure-cvm           5.15.0.1072.81~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7009-1  CVE-2022-48772, CVE-2023-52884, CVE-2023-52887, CVE-2024-23848,  CVE-2024-25741, CVE-2024-31076, CVE-2024-33621, CVE-2024-33847,  CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-36014,  CVE-2024-36015, CVE-2024-36032, CVE-2024-36270, CVE-2024-36286,  CVE-2024-36489, CVE-2024-36894, CVE-2024-36971, CVE-2024-36972,  CVE-2024-36974, CVE-2024-36978, CVE-2024-37078, CVE-2024-37356,  CVE-2024-38381, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548,  CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38555,  CVE-2024-38558, CVE-2024-38559, CVE-2024-38560, CVE-2024-38565,  CVE-2024-38567, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578,  CVE-2024-38579, CVE-2024-38580, CVE-2024-38582, CVE-2024-38583,  CVE-2024-38586, CVE-2024-38587, CVE-2024-38588, CVE-2024-38589,  CVE-2024-38590, CVE-2024-38591, CVE-2024-38596, CVE-2024-38597,  CVE-2024-38598, CVE-2024-38599, CVE-2024-38601, CVE-2024-38605,  CVE-2024-38607, CVE-2024-38610, CVE-2024-38612, CVE-2024-38613,  CVE-2024-38615, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621,  CVE-2024-38623, CVE-2024-38624, CVE-2024-38627, CVE-2024-38633,  CVE-2024-38634, CVE-2024-38635, CVE-2024-38637, CVE-2024-38659,  CVE-2024-38661, CVE-2024-38662, CVE-2024-38780, CVE-2024-39276,  CVE-2024-39277, CVE-2024-39301, CVE-2024-39466, CVE-2024-39467,  CVE-2024-39468, CVE-2024-39469, CVE-2024-39471, CVE-2024-39475,  CVE-2024-39480, CVE-2024-39482, CVE-2024-39487, CVE-2024-39488,  CVE-2024-39489, CVE-2024-39490, CVE-2024-39493, CVE-2024-39495,  CVE-2024-39499, CVE-2024-39500, CVE-2024-39501, CVE-2024-39502,  CVE-2024-39503, CVE-2024-39505, CVE-2024-39506, CVE-2024-39507,  CVE-2024-39509, CVE-2024-40901, CVE-2024-40902, CVE-2024-40904,  CVE-2024-40905, CVE-2024-40908, CVE-2024-40911, CVE-2024-40912,  CVE-2024-40914, CVE-2024-40916, CVE-2024-40927, CVE-2024-40929,  CVE-2024-40931, CVE-2024-40932, CVE-2024-40934, CVE-2024-40937,  CVE-2024-40941, CVE-2024-40942, CVE-2024-40943, CVE-2024-40945,  CVE-2024-40954, CVE-2024-40956, CVE-2024-40957, CVE-2024-40958,  CVE-2024-40959, CVE-2024-40960, CVE-2024-40961, CVE-2024-40963,  CVE-2024-40967, CVE-2024-40968, CVE-2024-40970, CVE-2024-40971,  CVE-2024-40974, CVE-2024-40976, CVE-2024-40978, CVE-2024-40980,  CVE-2024-40981, CVE-2024-40983, CVE-2024-40984, CVE-2024-40987,  CVE-2024-40988, CVE-2024-40990, CVE-2024-40994, CVE-2024-40995,  CVE-2024-41000, CVE-2024-41002, CVE-2024-41004, CVE-2024-41005,  CVE-2024-41006, CVE-2024-41007, CVE-2024-41027, CVE-2024-41034,  CVE-2024-41035, CVE-2024-41040, CVE-2024-41041, CVE-2024-41044,  CVE-2024-41046, CVE-2024-41047, CVE-2024-41048, CVE-2024-41049,  CVE-2024-41055, CVE-2024-41087, CVE-2024-41089, CVE-2024-41092,  CVE-2024-41093, CVE-2024-41095, CVE-2024-41097, CVE-2024-42068,  CVE-2024-42070, CVE-2024-42076, CVE-2024-42077, CVE-2024-42080,  CVE-2024-42082, CVE-2024-42084, CVE-2024-42085, CVE-2024-42086,  CVE-2024-42087, CVE-2024-42089, CVE-2024-42090, CVE-2024-42092,  CVE-2024-42093, CVE-2024-42094, CVE-2024-42095, CVE-2024-42096,  CVE-2024-42097, CVE-2024-42098, CVE-2024-42101, CVE-2024-42102,  CVE-2024-42104, CVE-2024-42105, CVE-2024-42106, CVE-2024-42109,  CVE-2024-42115, CVE-2024-42119, CVE-2024-42120, CVE-2024-42121,  CVE-2024-42124, CVE-2024-42127, CVE-2024-42130, CVE-2024-42131,  CVE-2024-42137, CVE-2024-42140, CVE-2024-42145, CVE-2024-42148,  CVE-2024-42152, CVE-2024-42153, CVE-2024-42154, CVE-2024-42157,  CVE-2024-42161, CVE-2024-42223, CVE-2024-42224, CVE-2024-42225,  CVE-2024-42229, CVE-2024-42232, CVE-2024-42236, CVE-2024-42240,  CVE-2024-42244, CVE-2024-42247, CVE-2024-42270Package Information:  https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1072.81  https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1072.81.1  https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1072.81~20.04.1

Tag

#linux