Red Hat Security Advisory 2024-7431-03 - An update for kpatch-patch-5_14_0-284_52_1 and kpatch-patch-5_14_0-284_79_1 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7431.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch-5_14_0-284_52_1 and kpatch-patch-5_14_0-284_79_1 security updateAdvisory ID:        RHSA-2024:7431-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7431Issue date:         2024-10-01Revision:           03CVE Names:          CVE-2024-41071====================================================================Summary: An update for kpatch-patch-5_14_0-284_52_1 and kpatch-patch-5_14_0-284_79_1 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-5.14.0-284.52.1.el9_2.Security Fix(es):* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-41071References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2300448

Red Hat Security Advisory 2024-7431-03

Red Hat Security Advisory 2024-7430-03 - An update for kpatch-patch-4_18_0-477_43_1 and kpatch-patch-4_18_0-477_67_1 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7430.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch-4_18_0-477_43_1 and kpatch-patch-4_18_0-477_67_1 security updateAdvisory ID:        RHSA-2024:7430-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7430Issue date:         2024-10-01Revision:           03CVE Names:          CVE-2024-41071====================================================================Summary: An update for kpatch-patch-4_18_0-477_43_1 and kpatch-patch-4_18_0-477_67_1 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-4.18.0-477.43.1.el8_8.Security Fix(es):* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-41071References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2300448

Red Hat Security Advisory 2024-7430-03

Red Hat Security Advisory 2024-7429-03 - An update for kpatch-patch-4_18_0-553 and kpatch-patch-4_18_0-553_16_1 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7429.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: kpatch-patch-4_18_0-553 and kpatch-patch-4_18_0-553_16_1 security update  
Advisory ID:        RHSA-2024:7429-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7429  
Issue date:         2024-10-01  
Revision:           03  
CVE Names:          CVE-2024-41071  
====================================================================

Summary: 

An update for kpatch-patch-4_18_0-553 and kpatch-patch-4_18_0-553_16_1 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-4.18.0-553.16.1.el8_10.

Security Fix(es):

* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-41071

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2299240  
https://bugzilla.redhat.com/show_bug.cgi?id=2299336  
https://bugzilla.redhat.com/show_bug.cgi?id=2300448

Red Hat Security Advisory 2024-7429-03

Red Hat Security Advisory 2024-7428-03 - An update for kpatch-patch-5_14_0-70_112_1 and kpatch-patch-5_14_0-70_85_1 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7428.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch-5_14_0-70_112_1 and kpatch-patch-5_14_0-70_85_1 security updateAdvisory ID:        RHSA-2024:7428-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7428Issue date:         2024-10-01Revision:           03CVE Names:          CVE-2024-41071====================================================================Summary: An update for kpatch-patch-5_14_0-70_112_1 and kpatch-patch-5_14_0-70_85_1 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-5.14.0-70.85.1.el9_0.Security Fix(es):* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-41071References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2300448

Red Hat Security Advisory 2024-7428-03

Red Hat Security Advisory 2024-7427-03 - An update for kpatch-patch-4_18_0-305_120_1 and kpatch-patch-4_18_0-305_138_1 is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include code execution and use-after-free vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7427.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch-4_18_0-305_120_1 and kpatch-patch-4_18_0-305_138_1 security updateAdvisory ID:        RHSA-2024:7427-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7427Issue date:         2024-10-01Revision:           03CVE Names:          CVE-2024-36886====================================================================Summary: An update for kpatch-patch-4_18_0-305_120_1 and kpatch-patch-4_18_0-305_138_1 is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-4.18.0-305.120.1.el8_4.Security Fix(es):* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-36886References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2277238https://bugzilla.redhat.com/show_bug.cgi?id=2300448

Red Hat Security Advisory 2024-7427-03

Gentoo Linux Security Advisory 202409-32 - Multiple vulnerabilities have been discovered in nginx, the worst of which could result in denial of service. Versions greater than or equal to 1.26.2-r2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-32  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: nginx: Multiple Vulnerabilities  
     Date: September 28, 2024  
     Bugs: #924619, #937938  
       ID: 202409-32

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in nginx, the worst of  
which could result in denial of service.

Background  
==========

nginx is a robust, small, and high performance HTTP and reverse proxy  
server.

Affected packages  
=================

Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
www-servers/nginx  < 1.26.2-r2   >= 1.26.2-r2

Description  
===========

Multiple vulnerabilities have been discovered in nginx. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All nginx users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-servers/nginx-1.26.2-r2"

References  
==========

[ 1 ] CVE-2024-7347  
      https://nvd.nist.gov/vuln/detail/CVE-2024-7347  
[ 2 ] CVE-2024-24989  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24989  
[ 3 ] CVE-2024-24990  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24990

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-32

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-32

Gentoo Linux Security Advisory 202409-31 - Multiple vulnerabilities have been found in Apache HTTPD, the worst of which could result in denial of service. Versions greater than or equal to 2.4.62 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-31  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Apache HTTPD: Multiple Vulnerabilities  
     Date: September 28, 2024  
     Bugs: #928540, #935296, #935427, #936257  
       ID: 202409-31

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in Apache HTTPD, the worst of  
which could result in denial of service.

Background  
==========

The Apache HTTP server is one of the most popular web servers on the  
Internet.

Affected packages  
=================

Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
www-servers/apache  < 2.4.62      >= 2.4.62

Description  
===========

Multiple vulnerabilities have been discovered in Apache HTTPD. Please  
review the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Apache HTTPD users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.62"

References  
==========

[ 1 ] CVE-2023-38709  
      https://nvd.nist.gov/vuln/detail/CVE-2023-38709  
[ 2 ] CVE-2024-24795  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24795  
[ 3 ] CVE-2024-27316  
      https://nvd.nist.gov/vuln/detail/CVE-2024-27316  
[ 4 ] CVE-2024-36387  
      https://nvd.nist.gov/vuln/detail/CVE-2024-36387  
[ 5 ] CVE-2024-38472  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38472  
[ 6 ] CVE-2024-38473  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38473  
[ 7 ] CVE-2024-38474  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38474  
[ 8 ] CVE-2024-38475  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38475  
[ 9 ] CVE-2024-38476  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38476  
[ 10 ] CVE-2024-38477  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38477  
[ 11 ] CVE-2024-39573  
      https://nvd.nist.gov/vuln/detail/CVE-2024-39573  
[ 12 ] CVE-2024-39884  
      https://nvd.nist.gov/vuln/detail/CVE-2024-39884  
[ 13 ] CVE-2024-40725  
      https://nvd.nist.gov/vuln/detail/CVE-2024-40725  
[ 14 ] CVE-2024-40898  
      https://nvd.nist.gov/vuln/detail/CVE-2024-40898

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-31

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-31

Gentoo Linux Security Advisory 202409-30 - Multiple vulnerabilities have been found in yt-dlp, the worst of which could result in arbitrary code execution. Versions greater than or equal to 2024.07.01 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-30  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: yt-dlp: Multiple Vulnerabilities  
     Date: September 28, 2024  
     Bugs: #909780, #917355, #935316  
       ID: 202409-30

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in yt-dlp, the worst of which  
could result in arbitrary code execution.

Background  
==========

yt-dlp is a youtube-dl fork with additional features and fixes.

Affected packages  
=================

Package          Vulnerable    Unaffected  
---------------  ------------  -------------  
net-misc/yt-dlp  < 2024.07.01  >= 2024.07.01

Description  
===========

Multiple vulnerabilities have been found in yt-dlp. Please review the  
referenced CVE identifiers for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All yt-dlp users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-misc/yt-dlp-2024.07.01"

References  
==========

[ 1 ] CVE-2023-35934  
      https://nvd.nist.gov/vuln/detail/CVE-2023-35934  
[ 2 ] CVE-2023-46121  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46121  
[ 3 ] CVE-2024-38519  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38519

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-30

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-30

Gentoo Linux Security Advisory 202409-29 - Multiple vulnerabilities have been discovered in Docker, the worst of which could result in denial of service. Versions greater than or equal to 25.0.4 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-29  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Docker: Multiple Vulnerabilities  
     Date: September 28, 2024  
     Bugs: #816273, #869407, #877653, #886509, #903804, #905336, #925022  
       ID: 202409-29

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Docker, the worst of  
which could result in denial of service.

Background  
==========

Docker contains the the core functions you need to create Docker images  
and run Docker containers

Affected packages  
=================

Package                Vulnerable    Unaffected  
---------------------  ------------  ------------  
app-containers/docker  < 25.0.4      >= 25.0.4

Description  
===========

Multiple vulnerabilities have been discovered in Docker. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Docker users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-containers/docker-25.0.4"

References  
==========

[ 1 ] CVE-2021-41089  
      https://nvd.nist.gov/vuln/detail/CVE-2021-41089  
[ 2 ] CVE-2021-41091  
      https://nvd.nist.gov/vuln/detail/CVE-2021-41091  
[ 3 ] CVE-2022-36109  
      https://nvd.nist.gov/vuln/detail/CVE-2022-36109  
[ 4 ] CVE-2022-41717  
      https://nvd.nist.gov/vuln/detail/CVE-2022-41717  
[ 5 ] CVE-2023-26054  
      https://nvd.nist.gov/vuln/detail/CVE-2023-26054  
[ 6 ] CVE-2023-28840  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28840  
[ 7 ] CVE-2023-28841  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28841  
[ 8 ] CVE-2023-28842  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28842  
[ 9 ] CVE-2024-23650  
      https://nvd.nist.gov/vuln/detail/CVE-2024-23650  
[ 10 ] CVE-2024-23651  
      https://nvd.nist.gov/vuln/detail/CVE-2024-23651  
[ 11 ] CVE-2024-23652  
      https://nvd.nist.gov/vuln/detail/CVE-2024-23652  
[ 12 ] CVE-2024-23653  
      https://nvd.nist.gov/vuln/detail/CVE-2024-23653  
[ 13 ] CVE-2024-24557  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24557

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-29

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-29

A single command line can show you about 20,000 instances of CWE-73 issues with Microsoft Windows.

    Hi @ll,<https://cwe.mitre.org/data/definitions/73.html>CWE-73: External Control of File Name or Pathis a well-known and well-documented weakness.<https://seclists.org/fulldisclosure/2020/Mar/48> as well as<https://skanthak.homepage.t-online.de/offender.html> demonstrate how to(ab)use just one instance of this weakness (introduced about 7 years agowith Microsoft Defender, so-called "security software") due to anenvironment variable in the (registered) path name of an executable fileto gain execution of arbitrary code.But that's of course not the only instance of this VERY EASY to exploitweakness present in ALL versions of Windows since more than 30 (in words:THIRTY) years -- start a command processor and run the following commandline to show about 20,000 instances of path names registered with (user-controlled) environment variables:    REG.exe QUERY HKEY_LOCAL_MACHINE /C /D /F "%*%\\" /Sstay tuned, and far away from the vulnerable crap made in RedmondStefan KanthakPS: just yesterday, Microsoft dared to publish    <https://www.microsoft.com/en-us/security/blog/2024/09/23/securing-our-future-september-2024-progress-update-on-microsofts-secure-future-initiative-sfi/>,    bragging "we've dedicated the equivalent of 34,000 full-time engineers    to SFI-making it the largest cybersecurity engineering effort in history"    What about dedicating the equivalent of just ONE full-time employee to    every instance of just ONE ow Windows weaknesses?

Tag

#mac