Cybercriminals are exploiting the ongoing Sean “Diddy” Combs scandal by spreading the new PDiddySploit malware hidden in infected…

Cybercriminals are exploiting the ongoing Sean “Diddy” Combs scandal by spreading the new PDiddySploit malware hidden in infected files, targeting curious and unsuspecting social media users, particularly those on X.com (formerly Twitter).

Cybercriminals are wasting no time exploiting the recent scandal involving Sean “Diddy” Combs. As the public’s curiosity surges over the music mogul controversy, cybercriminals have seized the moment to spread a new strain of malware designed to take advantage of the growing interest.

According to Veriti’s research team, a new Trojan malware dubbed PDiddySploit has been identified. This malware, part of the PySilon RAT (Remote Access Trojan) family, is developed to exploit those seeking information about Diddy’s now-deleted social media activity on platforms like X.com (formerly Twitter).

The Trojan, which has advanced capabilities for stealing sensitive data, monitoring keystrokes, recording screen activity and remotely controlling infected systems, can severely compromise anyone’s security and privacy.

****The PDiddySploit Threat****

First discovered on September 13, 2024, PDiddySploit is a direct variant of the PySilon RAT, which is notorious for its adaptability and malicious functionalities. PySilon, an open-source **Python-based malware**, has become a preferred tool for threat actors due to its ability to evolve and spread quickly.

The current version of PySilon RAT is version 3.6 and since June 2023 alone over 300 samples have been found on **VirusTotal**, showing how cybercriminals are continuously refining this tool.

****Celebrity Scandals as a Gateway for Malware Attacks****

According to Veriti’s **report** shared with Hackread.com ahead of publishing on Tuesday, one of the most alarming aspects of this wave of attacks is how closely they are tied to Diddy’s deleted social media content.

One major part of this malware attack is how cybercriminals are uploading files that claim to contain “removed” posts and replies from Diddy’s X.com account, and these files are being used as bait to lure unsuspecting users. Curious individuals who want to see what was deleted are being tricked into downloading these files, unknowingly infecting their devices with the PDiddySploit Trojan.

One of the malicious files with deleted Diddy posts was uploaded by a now-deleted account @lamps\_apple on Virus Total (Screenshot via Veriti)

This tactic is effective because of the public’s curiosity. As the scandal gets more media attention, attackers know that many users will search for more information, especially content that has been taken down.

Veriti’s analysis uncovered several of these malicious files on platforms like VirusTotal, all associated with Diddy’s deleted posts. These files, packaged to appear like legitimate screenshots or documents, are loaded with malware, turning curiosity into a cybersecurity nightmare.

****Diddy and Malware****

Interestingly, this is not the first time Sean “Diddy” Combs’ name has been associated with malware. **Back in 2013**, a similar attack was launched, using Diddy’s hit song “I’m Coming Home” as the bait. That malware, disguised as an MP3 file, targeted users who wanted to download the track.

In similar attacks, hackers exploited the nude celebrity photo leaks scandal **in December 2016** to lure victims into downloading malicious PDF files loaded with malware. **In February 2020**, cybercriminals used Oscar movie nominations as bait, tricking users into downloading malware disguised as “free downloads” of movies nominated for the 2020 Oscar Best Picture award.

Nevertheless, while it may be tempting to explore deleted content or hidden details, letting curiosity take over can expose your device to malware. Additionally, the increasing sophistication of malware like PySilon RAT, added with the lure of celebrity conspiracy, sets the stage for successful cyberattacks. Therefore, watch out for social media trends, especially those addressing high-profile scandals.

1.  **Hackers Hiding DcRAT Malware in Fake OnlyFans Content**
2.  **Crooks using Marvel’s Black Widow movie to spread malware**
3.   **Torrent uploader CracksNow distributed GrandCrab ransomware**
4.  **Fake OnlyFans Checker Tool Infects Hackers with Lummac Stealer**
5.  **Russian Hackers Control Malware via Britney Spears Instagram Posts**

PDiddySploit Malware Hidden in Files Claiming to Reveal Deleted Diddy Posts

The RISC-V chip architecture is gaining popularity worldwide, but the fact that it is easy to modify the processor design means it is also easy to introduce hard-to-patch vulnerabilities in the chips.

Source: Science Photo Library via Alamy Stock Photo

An emerging chip architecture gaining traction in smartphones, automotive technologies, and other electronics may find adoption stymied by security concerns.

Using x86 and ARM processors for hardware development can get expensive because of royalties that have to be paid to the owners (Intel and Arm). RISC-V is an instruction set on which customers can personalize silicon chips to meet their needs, much like how Lego blocks are put together. RISC-V is open and free to license, so anyone can design, manufacture, and sell RISC-V chips and software.

RISC-V is drawing interest among companies in the auto, critical infrastructure, and industrial sectors. For example, NASA is creating chips based on RISC-V that it intends to use in its space programs. Omdia estimates RISC-V shipments could tally 17 billion processors in 2030, improving 50% every year starting in 2024.

"46% of those processors are expected to be found in industrial applications, although the biggest growth over the forecast period will come in the automotive segment," Omdia said.

**Vulnerabilities in Designs**

RISC-V's open-source ethos is its biggest advantage, but also a liability: bad actors could introduce backdoors in the chip designs. Vulnerabilities in RISC-V chips used in automotive technology or critical infrastructure could be disastrous.

At Black Hat USA in August, researchers disclosed Ghostwrite, which allows users to bypass memory protection and access privileged memory in a RISC-V chip design called Xuantie C910. The Xuantie C910, designed by T-Head, a subsidiary of China-based Alibaba Group, received a lot of publicity when it was launched three years ago. It was one of the earliest RISC-V processors with a vector extension, which helps CPUs run demanding applications that include AI.

The vulnerability is particularly concerning because it affects the chip's proprietary vector extension, which wasn't properly implemented, says Fabian Thomas, a researcher in the group at CISPA Helmholtz Center for Information Security that discovered GhostWrite. Chip makers can patch the C910 by disabling the vector extension, but it will still be difficult to implement.

"People bought it and built 64-core machines because of that, and now we have to tell them to disable it," Thomas says.

**Shared Designs, Hard to Patch**

The issue is not in the RISC-V architecture itself, but in a faulty silicon implementation. Chip designers are enthusiastic about sharing RISC-V designs, but this means that designs with vulnerabilities may potentially be replicated and used in various areas. Resulting devices could be vulnerable to attack, and may be difficult to patch with microcode updates.

"The digital transformation happening in these sectors means they're all connected now, creating potential to exploit across all these very safety-critical systems," says Margaret Schmitt, a hardware security consultant.

It's already difficult to fix hardware vulnerabilities with firmware updates. The open nature of this chip architecture means it will be difficult to fix them in the field. "The silicon vulnerability is worse because you can't really fix them in the field in many cases... if it connects to critical infrastructure, this could be seen forever," says Alex Matrosov, CEO at Binarly.io.

There are hundreds of RISC-V designs available on GitHub to pick up, but security teams need to consider the risks of winding up with malicious chip designs with backdoors. "This is similar to open-source software projects where people \[make\] changes, saying 'I'm making it better,' but it's actually a backdoor or malware," Schmitt says.

The concern is especially heightened as the RISC-V architecture has become a priority for Russia and China, which are investing heavily in the technology to build homegrown chips. China and Russia ramped up RISC-V adoption after the U.S. banned the export of advanced chips to these countries amid trade and political hostilities.

The U.S. government has already talked about limiting RISC-V access to China, though that may be hard to do as the architecture is open source.

"You're seeing a potential basis for China to use this, a potential for unintended or intentionally added weaknesses to be a serious concern," says Schmitt.

**Working With Security Partners**

Organizations working with RISC-V chips on a shoestring budget may make the decision to sacrifice security, says Mike Eftimakis, vice president of strategy and ecosystem at Codasip, a software company.

"To be able to find a bug, you have to have the infrastructure behind you. It's very expensive and requires specialized knowledge, so it naturally shrinks the base of people who could potentially help with the verification of these devices," Eftimakis says.

Hardware security experts recommended going to established RISC-V companies with solid security processes, a strong customer base, and a good track record of designing chips. One example is Santa Clara, Calif.-based SiFive, which handles security analysis and rigorous compliance testing in its cores. The company has a large customer base that includes Google and NASA, a spokesman said in an email.

Another RISC-V company, Cupertino, Calif-based Ventana Micro Systems, uses the Caliptra specification to put security features directly in computing chips. Caliptra was developed by the Open Compute Project, a coalition which includes Google, Microsoft, AMD, and Nvidia.

Ventana Micro leaders have extensive experience working with x86 and ARM architectures, and are using that experience to secure RISC-V chips. "We applied these learnings during our ground-up development and have many patented features targeted at making our microarchitecture resilient to attacks," a company spokesperson said in an email.

**About the Author**

Agam Shah has covered enterprise IT for more than a decade. Outside of machine learning, hardware, and chips, he's also interested in martial arts and Russia.

Security Concerns Plague Emerging Chip Architecture

A water treatment facility in a small city took serious precautions to prevent any bad outcomes from a hazy cyber incident.

Source: Dmitry Kaminsky via Alamy Stock Photo

The water treatment facility for a small city in Kansas experienced a "cybersecurity incident" on the morning of Sept. 22.

Arkansas City — population 12,000, a two-hour drive north of Oklahoma City — sits at the junction of the Walnut and Arkansas Rivers, the latter of which supplies the town's drinking water. A notice from the city's Environmental Services Administration revealed that on Sept. 22, its treatment facility experienced a "cybersecurity incident." Authorities were contacted and precautionary measures taken. Most notably, the facility moved to fully manual operations — a temporary decision made "out of caution," according to city manager Randy Frazer in the notice.

"Despite the incident, the water supply remains completely safe, and there has been no disruption to service," Frazer wrote. "Residents can rest assured that their drinking water is safe, and the City is operating under full control during this period."

The administration added that "Cybersecurity experts and government authorities are working to resolve the situation and return the facility to normal operations. Enhanced security measures are currently in place to protect the water supply, and no changes to water quality or service are expected for residents."

Dark Reading has reached out to Arkansas City for more information about the incident. In lieu of details, Shawn Waldman, CEO and founder of Secure Cyber, points out that a switch to manual operations could indicate some degree of seriousness.

"In a breach that we investigated last November, we actually never went to manual mode," he recalls. "We were able to isolate the human-machine interfaces (HMIs) and keep the Russian malware contained, and we let the plant operate as normal. There's a lot of strain on employees when you put a plant in manual mode. That's the last case scenario — you don't want to go into manual mode unless you have to."

**The Problem With State-of-the-Art Systems**

Industrial control systems have long struggled to match old, legacy equipment to the demands of modern day cybersecurity.

Less often spoken of is the opposite problem: newer facilities designed with greater connectivity in mind, which introduce attack surfaces that the dinosaur, often analog machines, didn't have.

The new 5.4 million-gallon-per-day water treatment facility in Arkansas City opened in February 2018. It cost $22 million to build, and sports "advanced technology" estimated to save the city up to 20% on operational and maintenance costs. The exact nature of its cybersecurity posture is unknown. 

"Just because a city comes out and says: 'We just upgraded everything, and it's all new, and we should be good' — well, that's great, but what about cybersecurity?" asks Waldman. "Some cities are not making a proper investment into securing their critical infrastructure.

"My city did that exact thing: I know for a fact that they did not upgrade cybersecurity, but they spent around $14 million or more to upgrade all the infrastructure."

To ensure that cities don't leave security out of their budgets, Waldman says, "The EPA and Congress need to step up and get that new EPA standard for cybersecurity passed. They tried to do it before, and then they got sued. And what did we give up? Weeks after that, Iran launched a bunch of attacks on the water systems in the United States. Because, big surprise, Iran reads the US news."

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Kansas Water Plant Pivots to Analog After Cyber Event

Leverage Cloud App Development and DevOps to boost business agility, scalability, and security. Optimize operations, deploy faster, and…

Leverage Cloud App Development and DevOps to boost business agility, scalability, and security. Optimize operations, deploy faster, and future-proof your business with innovative AI, ML, and IoT integrations.

In the digital age, businesses must remain agile, scalable, and secure to stay competitive. Cloud app development, paired with DevOps, offers the tools and strategies necessary to meet these demands. These technologies enable companies to optimize operations, deploy applications faster, and safeguard their data, making them critical for success in today’s fast-paced marketplace.

****How Cloud App Development Can Future-Proof Your Business****

Cloud app development allows businesses to build scalable, flexible, and cost-effective applications that grow and evolve with their needs. With cloud platforms, businesses can eliminate the limitations of traditional infrastructure, enabling faster deployment and real-time updates. These apps can also be accessed from anywhere, providing businesses with the agility required to operate globally and adapt to changing market conditions.

In addition to scalability and flexibility, cloud app development future-proofs businesses by integrating advanced technologies like artificial intelligence (AI), machine learning (ML), and the Internet of Things (IoT). These integrations allow companies to leverage data-driven insights, automate processes, and enhance customer experiences, setting the foundation for long-term growth and innovation.

****Cloud-Native Development: Building Apps Designed for the Cloud from the Ground Up****

Cloud-native development refers to building applications specifically designed to run in cloud environments. Unlike traditional apps that are migrated to the cloud, cloud-native apps are built with scalability, resilience, and flexibility in mind from the start. This approach takes advantage of cloud features such as microservices architecture, containers, and continuous integration/continuous deployment (CI/CD) pipelines.

Microservices architecture breaks down applications into smaller, independent services that can be developed, deployed, and scaled independently. This results in faster development cycles and more efficient resource management. Containers, such as Docker and Kubernetes, provide an isolated environment for these services, ensuring consistency across different cloud environments. These technologies enable cloud-native apps to be more adaptable, ensuring they can scale rapidly and respond to changes in demand.

****Why Partnering with a Cloud App Development Company is Essential for Business Scalability****

Partnering with a cloud app development company is key to unlocking the full potential of cloud technologies for business scalability. These companies possess in-depth expertise in cloud platforms and tools, ensuring that the applications they develop are customized to meet the unique needs of your business.

A cloud app development company will optimize your application for both performance and scalability, allowing your business to easily expand services, accommodate more users, or integrate new functionalities as needed. Their specialized knowledge helps businesses avoid costly errors and inefficiencies, accelerating time to market and driving sustainable growth. Moreover, these companies provide ongoing support, ensuring that your cloud app stays secure and adapts to evolving technological and business demands.

****The Role of DevOps Services in Accelerating Your Cloud Application Deployment****

DevOps, a combination of development and operations, plays a pivotal role in cloud application deployment by fostering collaboration between development and IT teams. The goal of DevOps is to streamline the development lifecycle, automate processes, and accelerate application delivery. For cloud applications, DevOps services allow businesses to deploy apps faster, improve quality, and reduce downtime.

DevOps practices, such as automated testing and continuous integration, enable teams to identify and fix issues early in the development cycle. This reduces the risk of errors during deployment and ensures that applications are consistently reliable. Additionally, infrastructure as code (IaC) tools like Terraform and Ansible allow for the automated provisioning and management of cloud infrastructure, further accelerating the deployment process.

****The Benefits of Integrating DevOps Solutions into Cloud App Development****

Integrating DevOps solutions into cloud app development brings numerous advantages. First and foremost, it enables faster and more frequent releases, allowing businesses to deploy updates and new features quickly. This is especially important in today’s competitive environment, where customer needs and market demands are constantly changing.

DevOps also enhances collaboration between teams, ensuring that development, operations, and quality assurance work together seamlessly. This collaboration leads to fewer bottlenecks, improved efficiency, and more reliable applications. Automation, a key aspect of DevOps, reduces manual tasks, minimizes errors, and improves security by ensuring that every deployment follows best practices and adheres to compliance requirements.

****Cloud App Development: The Foundation for Digital Transformation****

Cloud app development is at the core of digital transformation. It provides businesses with the infrastructure and tools needed to modernize operations, deliver innovative services, and enhance customer experiences. By moving applications to the cloud or building cloud-native apps, businesses gain the flexibility and scalability needed to experiment with new technologies and business models.

Cloud-based apps also enable businesses to access real-time data, making it easier to make informed decisions and respond to market trends. This data can be used to optimize processes, improve customer engagement, and create new revenue streams. For companies embarking on digital transformation, cloud app development is not just an option—it is a necessity.

****Cloud Security: How a Cloud App Development Company Ensures Data Protection****

Security is a top priority for any business operating in the cloud, and cloud app development companies take extensive measures to protect data. They design applications with built-in security features, such as encryption, access controls, and threat detection, to safeguard sensitive information. Moreover, these companies ensure compliance with industry standards and regulations, such as GDPR, HIPAA, and PCI-DSS, to protect businesses from legal and financial risks.

Cloud app development companies also implement automated security testing throughout the development process to identify and mitigate vulnerabilities early. Additionally, they monitor applications continuously to detect potential threats and take proactive measures to prevent breaches. By working with a trusted cloud app development company, businesses can ensure that their applications are not only high-performing but also secure and compliant with industry standards.

****Conclusion****

In conclusion, cloud app development, supported by DevOps practices, is essential for businesses looking to scale, innovate, and stay competitive in the digital age. By partnering with the right cloud app development company and integrating DevOps solutions, businesses can accelerate their digital transformation, improve application deployment, and protect sensitive data, all while staying ahead of the curve in an ever-changing technological landscape.

1.  Best Practices for Cloud Computing Security
2.  How To Safeguard Your Data With Cloud MRP System
3.  Front-End Development Matters for Online Businesses
4.  Evolution of Captive Portal to Cloud Authentication Solutions 
5.  Insights on Google Cloud Backup, Disaster Recovery Service

Harnessing the Power of Cloud App Development and DevOps for Modern Businesses

Gentoo Linux Security Advisory 202409-24 - Multiple vulnerabilities have been found in Tor, the worst of which could result in denial of service. Versions greater than or equal to 0.4.8.9 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-24  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Tor: Multiple Vulnerabilities  
     Date: September 24, 2024  
     Bugs: #916759, #917142  
       ID: 202409-24

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in Tor, the worst of which  
could result in denial of service.

Background  
==========

Tor is an implementation of second generation Onion Routing, a  
connection-oriented anonymizing communication service.

Affected packages  
=================

Package      Vulnerable    Unaffected  
-----------  ------------  ------------  
net-vpn/tor  < 0.4.8.9     >= 0.4.8.9

Description  
===========

Multiple vulnerabilities have been discovered in Tor. Please review the  
CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Tor users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-vpn/tor-0.4.8.9"

References  
==========

[ 1 ] TROVE-2023-004  
[ 2 ] TROVE-2023-006

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-24

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-24

Gentoo Linux Security Advisory 202409-23 - A vulnerability has been found in ZNC which could result in remote code execution. Versions greater than or equal to 1.9.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-23  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: ZNC: Remote Code Execution  
     Date: September 24, 2024  
     Bugs: #935422  
       ID: 202409-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been found in ZNC which could result in remote code  
execution.

Background  
==========

ZNC is an advanced IRC bouncer.

Affected packages  
=================

Package      Vulnerable    Unaffected  
-----------  ------------  ------------  
net-irc/znc  < 1.9.1       >= 1.9.1

Description  
===========

ZNC's modtcl could allow for remote code execution via a KICK.

Impact  
======

A vulnerable ZNC with the modtcl module loaded could be exploited for  
remote code execution.

Workaround  
==========

Unload the mod_tcl module.

Resolution  
==========

All ZNC users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-irc/znc-1.9.1"

References  
==========

[ 1 ] CVE-2024-39844  
      https://nvd.nist.gov/vuln/detail/CVE-2024-39844

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-23

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-23

Ubuntu Security Notice 7029-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-7029-1September 23, 2024linux-hwe-6.8==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-hwe-6.8: Linux hardware enablement (HWE) kernelDetails:Chenyuan Yang discovered that the CEC driver driver in the Linux kernelcontained a use-after-free vulnerability. A local attacker could use thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2024-23848)It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash). (CVE-2024-40902)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM64 architecture;  - MIPS architecture;  - PA-RISC architecture;  - PowerPC architecture;  - RISC-V architecture;  - User-Mode Linux (UML);  - x86 architecture;  - Block layer subsystem;  - ACPI drivers;  - Drivers core;  - Null block device driver;  - Character device driver;  - TPM device driver;  - Clock framework and drivers;  - CPU frequency scaling framework;  - Hardware crypto device drivers;  - CXL (Compute Express Link) drivers;  - Buffer Sharing and Synchronization framework;  - DMA engine subsystem;  - EFI core;  - FPGA Framework;  - GPU drivers;  - Greybus drivers;  - HID subsystem;  - HW tracing;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - Input Device (Mouse) drivers;  - Mailbox framework;  - Media drivers;  - Microchip PCI driver;  - VMware VMCI Driver;  - MMC subsystem;  - Network drivers;  - PCI subsystem;  - x86 platform drivers;  - PTP clock framework;  - S/390 drivers;  - SCSI drivers;  - SoundWire subsystem;  - Sonic Silicon Backplane drivers;  - Greybus lights staging drivers;  - Thermal drivers;  - TTY drivers;  - USB subsystem;  - VFIO drivers;  - Framebuffer layer;  - Watchdog drivers;  - 9P distributed file system;  - BTRFS file system;  - File systems infrastructure;  - Ext4 file system;  - F2FS file system;  - JFS file system;  - Network file system server daemon;  - NILFS2 file system;  - NTFS3 file system;  - SMB network file system;  - Tracing file system;  - IOMMU subsystem;  - Tracing infrastructure;  - io_uring subsystem;  - Core kernel;  - BPF subsystem;  - Kernel debugger infrastructure;  - DMA mapping infrastructure;  - IRQ subsystem;  - Memory management;  - 9P file system network protocol;  - Amateur Radio drivers;  - B.A.T.M.A.N. meshing protocol;  - Ethernet bridge;  - Networking core;  - Ethtool driver;  - IPv4 networking;  - IPv6 networking;  - MAC80211 subsystem;  - Multipath TCP;  - Netfilter;  - NET/ROM layer;  - NFC subsystem;  - Network traffic control;  - Sun RPC protocol;  - TIPC protocol;  - TLS protocol;  - Unix domain sockets;  - Wireless networking;  - XFRM subsystem;  - AppArmor security module;  - Integrity Measurement Architecture(IMA) framework;  - Landlock security;  - Linux Security Modules (LSM) Framework;  - SELinux security module;  - Simplified Mandatory Access Control Kernel framework;  - ALSA framework;  - HD-audio driver;  - SOF drivers;  - KVM core;(CVE-2024-39498, CVE-2024-33847, CVE-2024-39510, CVE-2024-39462,CVE-2024-40930, CVE-2024-38634, CVE-2024-40962, CVE-2024-37078,CVE-2024-39371, CVE-2024-40972, CVE-2024-41002, CVE-2024-40920,CVE-2024-40982, CVE-2024-40915, CVE-2024-40942, CVE-2024-42154,CVE-2024-40937, CVE-2024-40967, CVE-2024-40909, CVE-2024-36244,CVE-2024-33619, CVE-2024-39277, CVE-2024-40900, CVE-2024-38661,CVE-2024-40974, CVE-2024-38618, CVE-2024-32936, CVE-2024-40906,CVE-2024-40919, CVE-2024-39470, CVE-2024-38390, CVE-2024-40966,CVE-2024-39467, CVE-2024-40938, CVE-2024-39471, CVE-2024-39485,CVE-2024-39495, CVE-2024-39492, CVE-2024-39475, CVE-2024-40953,CVE-2024-40939, CVE-2024-39493, CVE-2024-38637, CVE-2024-40945,CVE-2024-41006, CVE-2024-39461, CVE-2024-40948, CVE-2024-40916,CVE-2024-40925, CVE-2024-40956, CVE-2024-40970, CVE-2024-40912,CVE-2024-33621, CVE-2024-40989, CVE-2024-36489, CVE-2024-37354,CVE-2024-34027, CVE-2024-39506, CVE-2024-39296, CVE-2024-40977,CVE-2024-38624, CVE-2024-40983, CVE-2024-40911, CVE-2024-36477,CVE-2024-38384, CVE-2024-39507, CVE-2024-38659, CVE-2024-40987,CVE-2024-40922, CVE-2024-36978, CVE-2024-38629, CVE-2024-38622,CVE-2024-40921, CVE-2024-40903, CVE-2024-38306, CVE-2024-40926,CVE-2024-39291, CVE-2024-36286, CVE-2024-40910, CVE-2024-40943,CVE-2024-40899, CVE-2024-37356, CVE-2024-40961, CVE-2024-39468,CVE-2024-40940, CVE-2024-40931, CVE-2024-38381, CVE-2024-40998,CVE-2024-34030, CVE-2024-41000, CVE-2024-40986, CVE-2024-38663,CVE-2024-40914, CVE-2024-31076, CVE-2024-42228, CVE-2024-40978,CVE-2024-40975, CVE-2024-39494, CVE-2024-40905, CVE-2024-40908,CVE-2024-38625, CVE-2024-38388, CVE-2024-40965, CVE-2024-41004,CVE-2023-52884, CVE-2024-39484, CVE-2024-40951, CVE-2024-40988,CVE-2024-40929, CVE-2024-39491, CVE-2024-40992, CVE-2024-41009,CVE-2024-40976, CVE-2024-40917, CVE-2024-39502, CVE-2024-40999,CVE-2024-39479, CVE-2024-39505, CVE-2024-40981, CVE-2024-38662,CVE-2024-38636, CVE-2024-39496, CVE-2024-39276, CVE-2024-41003,CVE-2024-37021, CVE-2024-36972, CVE-2024-38780, CVE-2024-40954,CVE-2024-40963, CVE-2024-36478, CVE-2024-39465, CVE-2024-39474,CVE-2024-39490, CVE-2024-36484, CVE-2024-36974, CVE-2024-38628,CVE-2024-36479, CVE-2024-42078, CVE-2024-40936, CVE-2024-38385,CVE-2024-40996, CVE-2024-40901, CVE-2024-40969, CVE-2024-39483,CVE-2024-40990, CVE-2024-40947, CVE-2024-40980, CVE-2024-39464,CVE-2024-40923, CVE-2024-40933, CVE-2024-39481, CVE-2024-40927,CVE-2024-38667, CVE-2024-42159, CVE-2024-38635, CVE-2024-38627,CVE-2024-38630, CVE-2024-39504, CVE-2024-34777, CVE-2024-40944,CVE-2024-37026, CVE-2024-38633, CVE-2024-40941, CVE-2024-39499,CVE-2024-36270, CVE-2024-35247, CVE-2024-40924, CVE-2024-40984,CVE-2024-40968, CVE-2024-39489, CVE-2024-39298, CVE-2024-40949,CVE-2024-39508, CVE-2024-41001, CVE-2024-40934, CVE-2024-40957,CVE-2024-39292, CVE-2024-40979, CVE-2024-39488, CVE-2024-40995,CVE-2024-39500, CVE-2024-40918, CVE-2024-36015, CVE-2024-39503,CVE-2024-39301, CVE-2024-39466, CVE-2024-42224, CVE-2024-39478,CVE-2024-40902, CVE-2024-39509, CVE-2024-39463, CVE-2024-40971,CVE-2024-40928, CVE-2024-38664, CVE-2024-39473, CVE-2024-39501,CVE-2024-36288, CVE-2024-42148, CVE-2024-38621, CVE-2024-38632,CVE-2024-41005, CVE-2024-38619, CVE-2024-36973, CVE-2024-40994,CVE-2024-42160, CVE-2024-40960, CVE-2024-40958, CVE-2024-39469,CVE-2022-48772, CVE-2024-40964, CVE-2024-40913, CVE-2024-36481,CVE-2024-40932, CVE-2024-36971, CVE-2024-40935, CVE-2024-38623,CVE-2024-40997, CVE-2024-40952, CVE-2024-40955, CVE-2024-36281,CVE-2024-39480, CVE-2024-40904, CVE-2024-40985, CVE-2024-39497,CVE-2024-40973, CVE-2024-40959)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  linux-image-6.8.0-45-generic    6.8.0-45.45~22.04.1  linux-image-6.8.0-45-generic-64k  6.8.0-45.45~22.04.1  linux-image-generic-64k-hwe-22.04  6.8.0-45.45~22.04.1  linux-image-generic-hwe-22.04   6.8.0-45.45~22.04.1  linux-image-oem-22.04           6.8.0-45.45~22.04.1  linux-image-oem-22.04a          6.8.0-45.45~22.04.1  linux-image-oem-22.04b          6.8.0-45.45~22.04.1  linux-image-oem-22.04c          6.8.0-45.45~22.04.1  linux-image-oem-22.04d          6.8.0-45.45~22.04.1  linux-image-virtual-hwe-22.04   6.8.0-45.45~22.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7029-1  CVE-2022-48772, CVE-2023-52884, CVE-2024-23848, CVE-2024-31076,  CVE-2024-32936, CVE-2024-33619, CVE-2024-33621, CVE-2024-33847,  CVE-2024-34027, CVE-2024-34030, CVE-2024-34777, CVE-2024-35247,  CVE-2024-36015, CVE-2024-36244, CVE-2024-36270, CVE-2024-36281,  CVE-2024-36286, CVE-2024-36288, CVE-2024-36477, CVE-2024-36478,  CVE-2024-36479, CVE-2024-36481, CVE-2024-36484, CVE-2024-36489,  CVE-2024-36971, CVE-2024-36972, CVE-2024-36973, CVE-2024-36974,  CVE-2024-36978, CVE-2024-37021, CVE-2024-37026, CVE-2024-37078,  CVE-2024-37354, CVE-2024-37356, CVE-2024-38306, CVE-2024-38381,  CVE-2024-38384, CVE-2024-38385, CVE-2024-38388, CVE-2024-38390,  CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38622,  CVE-2024-38623, CVE-2024-38624, CVE-2024-38625, CVE-2024-38627,  CVE-2024-38628, CVE-2024-38629, CVE-2024-38630, CVE-2024-38632,  CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38636,  CVE-2024-38637, CVE-2024-38659, CVE-2024-38661, CVE-2024-38662,  CVE-2024-38663, CVE-2024-38664, CVE-2024-38667, CVE-2024-38780,  CVE-2024-39276, CVE-2024-39277, CVE-2024-39291, CVE-2024-39292,  CVE-2024-39296, CVE-2024-39298, CVE-2024-39301, CVE-2024-39371,  CVE-2024-39461, CVE-2024-39462, CVE-2024-39463, CVE-2024-39464,  CVE-2024-39465, CVE-2024-39466, CVE-2024-39467, CVE-2024-39468,  CVE-2024-39469, CVE-2024-39470, CVE-2024-39471, CVE-2024-39473,  CVE-2024-39474, CVE-2024-39475, CVE-2024-39478, CVE-2024-39479,  CVE-2024-39480, CVE-2024-39481, CVE-2024-39483, CVE-2024-39484,  CVE-2024-39485, CVE-2024-39488, CVE-2024-39489, CVE-2024-39490,  CVE-2024-39491, CVE-2024-39492, CVE-2024-39493, CVE-2024-39494,  CVE-2024-39495, CVE-2024-39496, CVE-2024-39497, CVE-2024-39498,  CVE-2024-39499, CVE-2024-39500, CVE-2024-39501, CVE-2024-39502,  CVE-2024-39503, CVE-2024-39504, CVE-2024-39505, CVE-2024-39506,  CVE-2024-39507, CVE-2024-39508, CVE-2024-39509, CVE-2024-39510,  CVE-2024-40899, CVE-2024-40900, CVE-2024-40901, CVE-2024-40902,  CVE-2024-40903, CVE-2024-40904, CVE-2024-40905, CVE-2024-40906,  CVE-2024-40908, CVE-2024-40909, CVE-2024-40910, CVE-2024-40911,  CVE-2024-40912, CVE-2024-40913, CVE-2024-40914, CVE-2024-40915,  CVE-2024-40916, CVE-2024-40917, CVE-2024-40918, CVE-2024-40919,  CVE-2024-40920, CVE-2024-40921, CVE-2024-40922, CVE-2024-40923,  CVE-2024-40924, CVE-2024-40925, CVE-2024-40926, CVE-2024-40927,  CVE-2024-40928, CVE-2024-40929, CVE-2024-40930, CVE-2024-40931,  CVE-2024-40932, CVE-2024-40933, CVE-2024-40934, CVE-2024-40935,  CVE-2024-40936, CVE-2024-40937, CVE-2024-40938, CVE-2024-40939,  CVE-2024-40940, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943,  CVE-2024-40944, CVE-2024-40945, CVE-2024-40947, CVE-2024-40948,  CVE-2024-40949, CVE-2024-40951, CVE-2024-40952, CVE-2024-40953,  CVE-2024-40954, CVE-2024-40955, CVE-2024-40956, CVE-2024-40957,  CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961,  CVE-2024-40962, CVE-2024-40963, CVE-2024-40964, CVE-2024-40965,  CVE-2024-40966, CVE-2024-40967, CVE-2024-40968, CVE-2024-40969,  CVE-2024-40970, CVE-2024-40971, CVE-2024-40972, CVE-2024-40973,  CVE-2024-40974, CVE-2024-40975, CVE-2024-40976, CVE-2024-40977,  CVE-2024-40978, CVE-2024-40979, CVE-2024-40980, CVE-2024-40981,  CVE-2024-40982, CVE-2024-40983, CVE-2024-40984, CVE-2024-40985,  CVE-2024-40986, CVE-2024-40987, CVE-2024-40988, CVE-2024-40989,  CVE-2024-40990, CVE-2024-40992, CVE-2024-40994, CVE-2024-40995,  CVE-2024-40996, CVE-2024-40997, CVE-2024-40998, CVE-2024-40999,  CVE-2024-41000, CVE-2024-41001, CVE-2024-41002, CVE-2024-41003,  CVE-2024-41004, CVE-2024-41005, CVE-2024-41006, CVE-2024-41009,  CVE-2024-42078, CVE-2024-42148, CVE-2024-42154, CVE-2024-42159,  CVE-2024-42160, CVE-2024-42224, CVE-2024-42228Package Information:  https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-45.45~22.04.1

Ubuntu Security Notice USN-7029-1

Gentoo Linux Security Advisory 202409-22 - A vulnerability has been discovered in GCC, which can lead to flawed code generation. Versions greater than or equal to 10.0 are affected.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Gentoo Linux Security Advisory                           GLSA 202409-22- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                                           https://security.gentoo.org/- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal    Title: GCC: Flawed Code Generation     Date: September 24, 2024     Bugs: #719466       ID: 202409-22- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Synopsis========A vulnerability has been discovered in GCC, which can lead to flawedcode generation.Background==========The GNU Compiler Collection includes front ends for C, C++, Objective-C,Fortran, Ada, Go, D and Modula-2 as well as libraries for theselanguages (libstdc++,...).Affected packages=================Package        Vulnerable    Unaffected-------------  ------------  ------------sys-devel/gcc  < 10.0        >= 10.0Description===========A vulnerability has been discovered in GCC. Please review the CVEidentifier referenced below for details.Impact======The POWER9 backend in GNU Compiler Collection (GCC) could optimizemultiple calls of the __builtin_darn intrinsic into a single call, thusreducing the entropy of the random number generator. This occurredbecause a volatile operation was not specified. For example, within asingle execution of a program, the output of every __builtin_darn() callmay be the same.Workaround==========There is no known workaround at this time.Resolution==========All GCC users should upgrade to the latest version:  # emerge --sync  # emerge --ask --oneshot --verbose ">=sys-devel/gcc-10.0"And then select it with gcc-config:  # gcc-config latestIn this case, users should also rebuild all affected packages withemerge -e, e.g.:  # emerge --usepkg=n --emptytree @worldReferences==========[ 1 ] CVE-2019-15847      https://nvd.nist.gov/vuln/detail/CVE-2019-15847Availability============This GLSA and any updates to it are available for viewing atthe Gentoo Security Website: https://security.gentoo.org/glsa/202409-22Concerns?=========Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users' machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttps://bugs.gentoo.org.License=======Copyright 2024 Gentoo Foundation, Inc; referenced textbelongs to its owner(s).The contents of this document are licensed under theCreative Commons - Attribution / Share Alike license.https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-22

Ubuntu Security Notice 7007-3 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-7007-3September 23, 2024linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-lowlatency: Linux low latency kernel- linux-lowlatency-hwe-5.15: Linux low latency kernelDetails:Chenyuan Yang discovered that the CEC driver driver in the Linux kernelcontained a use-after-free vulnerability. A local attacker could use thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2024-23848)Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kerneldid not properly check for the device to be enabled before writing. A localattacker could possibly use this to cause a denial of service.(CVE-2024-25741)It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash). (CVE-2024-40902)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM64 architecture;  - M68K architecture;  - MIPS architecture;  - PowerPC architecture;  - RISC-V architecture;  - x86 architecture;  - Block layer subsystem;  - Cryptographic API;  - Accessibility subsystem;  - ACPI drivers;  - Serial ATA and Parallel ATA drivers;  - Drivers core;  - Bluetooth drivers;  - Character device driver;  - CPU frequency scaling framework;  - Hardware crypto device drivers;  - Buffer Sharing and Synchronization framework;  - DMA engine subsystem;  - FPGA Framework;  - GPIO subsystem;  - GPU drivers;  - Greybus drivers;  - HID subsystem;  - HW tracing;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - Input Device (Mouse) drivers;  - Macintosh device drivers;  - Multiple devices driver;  - Media drivers;  - VMware VMCI Driver;  - Network drivers;  - Near Field Communication (NFC) drivers;  - NVME drivers;  - Pin controllers subsystem;  - PTP clock framework;  - S/390 drivers;  - SCSI drivers;  - SoundWire subsystem;  - Greybus lights staging drivers;  - Media staging drivers;  - Thermal drivers;  - TTY drivers;  - USB subsystem;  - DesignWare USB3 driver;  - Framebuffer layer;  - ACRN Hypervisor Service Module driver;  - eCrypt file system;  - File systems infrastructure;  - Ext4 file system;  - F2FS file system;  - JFFS2 file system;  - JFS file system;  - NILFS2 file system;  - NTFS3 file system;  - SMB network file system;  - IOMMU subsystem;  - Memory management;  - Netfilter;  - BPF subsystem;  - Kernel debugger infrastructure;  - DMA mapping infrastructure;  - IRQ subsystem;  - Tracing infrastructure;  - 9P file system network protocol;  - B.A.T.M.A.N. meshing protocol;  - CAN network layer;  - Ceph Core library;  - Networking core;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - MAC80211 subsystem;  - Multipath TCP;  - NET/ROM layer;  - NFC subsystem;  - Open vSwitch;  - Network traffic control;  - TIPC protocol;  - TLS protocol;  - Unix domain sockets;  - Wireless networking;  - XFRM subsystem;  - ALSA framework;  - SoC Audio for Freescale CPUs drivers;  - Kirkwood ASoC drivers;(CVE-2024-42105, CVE-2024-41002, CVE-2024-38558, CVE-2023-52887,CVE-2024-39487, CVE-2024-39276, CVE-2024-42077, CVE-2024-39493,CVE-2024-40934, CVE-2024-39277, CVE-2024-42087, CVE-2024-38598,CVE-2024-38618, CVE-2024-40981, CVE-2024-42127, CVE-2024-38607,CVE-2024-38586, CVE-2024-40901, CVE-2024-40916, CVE-2024-42247,CVE-2024-42093, CVE-2024-36489, CVE-2024-38615, CVE-2024-42120,CVE-2024-38567, CVE-2024-40957, CVE-2024-39501, CVE-2024-42140,CVE-2024-33621, CVE-2024-38573, CVE-2023-52884, CVE-2024-39468,CVE-2024-41092, CVE-2024-40931, CVE-2024-42145, CVE-2024-39490,CVE-2024-38555, CVE-2024-42086, CVE-2024-38597, CVE-2024-40956,CVE-2024-42223, CVE-2024-36894, CVE-2024-40961, CVE-2024-42076,CVE-2024-40994, CVE-2024-38619, CVE-2024-39467, CVE-2024-39466,CVE-2022-48772, CVE-2024-39507, CVE-2024-40914, CVE-2024-41046,CVE-2024-42094, CVE-2024-38591, CVE-2024-42098, CVE-2024-41027,CVE-2024-41040, CVE-2024-41089, CVE-2024-40945, CVE-2024-39503,CVE-2024-37356, CVE-2024-36286, CVE-2024-39495, CVE-2024-42101,CVE-2024-40941, CVE-2024-42137, CVE-2024-38381, CVE-2024-38627,CVE-2024-31076, CVE-2024-42092, CVE-2024-40932, CVE-2024-40995,CVE-2024-40937, CVE-2024-39489, CVE-2024-42084, CVE-2024-40929,CVE-2024-36978, CVE-2024-36015, CVE-2024-36014, CVE-2024-42124,CVE-2024-40976, CVE-2024-39502, CVE-2024-38599, CVE-2024-38661,CVE-2024-42104, CVE-2024-42096, CVE-2024-40904, CVE-2024-40990,CVE-2024-38579, CVE-2024-40974, CVE-2024-41055, CVE-2024-38633,CVE-2024-38659, CVE-2024-41093, CVE-2024-42154, CVE-2024-38624,CVE-2024-41049, CVE-2024-38552, CVE-2024-38578, CVE-2024-38605,CVE-2024-40970, CVE-2024-38601, CVE-2024-38550, CVE-2024-38559,CVE-2024-38571, CVE-2024-40971, CVE-2024-41097, CVE-2024-40967,CVE-2024-38612, CVE-2024-38587, CVE-2024-41004, CVE-2024-33847,CVE-2024-38580, CVE-2024-39506, CVE-2024-42102, CVE-2024-36032,CVE-2024-38548, CVE-2024-39499, CVE-2024-38610, CVE-2024-42152,CVE-2024-40943, CVE-2024-40959, CVE-2024-39488, CVE-2024-36972,CVE-2024-38637, CVE-2024-40942, CVE-2024-42106, CVE-2024-38546,CVE-2024-38634, CVE-2024-39471, CVE-2024-39482, CVE-2024-41095,CVE-2024-42229, CVE-2024-42131, CVE-2024-41007, CVE-2024-42095,CVE-2024-42097, CVE-2024-39480, CVE-2024-35927, CVE-2024-42153,CVE-2024-42080, CVE-2024-42089, CVE-2024-41087, CVE-2024-39475,CVE-2024-42119, CVE-2024-41041, CVE-2024-38623, CVE-2024-39469,CVE-2024-34777, CVE-2024-42157, CVE-2024-42085, CVE-2024-36270,CVE-2024-34027, CVE-2024-35247, CVE-2024-38549, CVE-2024-40954,CVE-2024-41034, CVE-2024-41044, CVE-2024-39509, CVE-2024-40987,CVE-2024-42161, CVE-2024-40911, CVE-2024-42070, CVE-2024-42109,CVE-2024-37078, CVE-2024-40912, CVE-2024-40988, CVE-2024-40978,CVE-2024-41048, CVE-2024-41005, CVE-2024-40905, CVE-2024-41047,CVE-2024-41006, CVE-2024-38560, CVE-2024-42225, CVE-2024-42148,CVE-2024-38596, CVE-2024-38588, CVE-2024-39301, CVE-2024-38613,CVE-2024-38635, CVE-2024-40960, CVE-2024-39505, CVE-2024-42244,CVE-2024-40963, CVE-2024-39500, CVE-2024-42082, CVE-2024-36971,CVE-2024-42068, CVE-2024-40984, CVE-2024-41035, CVE-2024-38583,CVE-2024-42121, CVE-2024-40968, CVE-2024-40958, CVE-2024-40927,CVE-2024-40980, CVE-2024-40908, CVE-2024-38780, CVE-2024-38590,CVE-2024-42115, CVE-2024-42224, CVE-2024-42232, CVE-2024-42240,CVE-2024-42236, CVE-2024-38547, CVE-2024-38565, CVE-2024-40902,CVE-2024-38662, CVE-2024-42090, CVE-2024-36974, CVE-2024-38621,CVE-2024-41000, CVE-2024-40983, CVE-2024-42130, CVE-2024-38582,CVE-2024-38589)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  linux-image-5.15.0-121-lowlatency  5.15.0-121.131  linux-image-5.15.0-121-lowlatency-64k  5.15.0-121.131  linux-image-lowlatency          5.15.0.121.110  linux-image-lowlatency-64k      5.15.0.121.110Ubuntu 20.04 LTS  linux-image-5.15.0-121-lowlatency  5.15.0-121.131~20.04.1  linux-image-5.15.0-121-lowlatency-64k  5.15.0-121.131~20.04.1  linux-image-lowlatency-64k-hwe-20.04  5.15.0.121.131~20.04.1  linux-image-lowlatency-hwe-20.04  5.15.0.121.131~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7007-3  https://ubuntu.com/security/notices/USN-7007-2  https://ubuntu.com/security/notices/USN-7007-1  CVE-2022-48772, CVE-2023-52884, CVE-2023-52887, CVE-2024-23848,  CVE-2024-25741, CVE-2024-31076, CVE-2024-33621, CVE-2024-33847,  CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-35927,  CVE-2024-36014, CVE-2024-36015, CVE-2024-36032, CVE-2024-36270,  CVE-2024-36286, CVE-2024-36489, CVE-2024-36894, CVE-2024-36971,  CVE-2024-36972, CVE-2024-36974, CVE-2024-36978, CVE-2024-37078,  CVE-2024-37356, CVE-2024-38381, CVE-2024-38546, CVE-2024-38547,  CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552,  CVE-2024-38555, CVE-2024-38558, CVE-2024-38559, CVE-2024-38560,  CVE-2024-38565, CVE-2024-38567, CVE-2024-38571, CVE-2024-38573,  CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38582,  CVE-2024-38583, CVE-2024-38586, CVE-2024-38587, CVE-2024-38588,  CVE-2024-38589, CVE-2024-38590, CVE-2024-38591, CVE-2024-38596,  CVE-2024-38597, CVE-2024-38598, CVE-2024-38599, CVE-2024-38601,  CVE-2024-38605, CVE-2024-38607, CVE-2024-38610, CVE-2024-38612,  CVE-2024-38613, CVE-2024-38615, CVE-2024-38618, CVE-2024-38619,  CVE-2024-38621, CVE-2024-38623, CVE-2024-38624, CVE-2024-38627,  CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38637,  CVE-2024-38659, CVE-2024-38661, CVE-2024-38662, CVE-2024-38780,  CVE-2024-39276, CVE-2024-39277, CVE-2024-39301, CVE-2024-39466,  CVE-2024-39467, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471,  CVE-2024-39475, CVE-2024-39480, CVE-2024-39482, CVE-2024-39487,  CVE-2024-39488, CVE-2024-39489, CVE-2024-39490, CVE-2024-39493,  CVE-2024-39495, CVE-2024-39499, CVE-2024-39500, CVE-2024-39501,  CVE-2024-39502, CVE-2024-39503, CVE-2024-39505, CVE-2024-39506,  CVE-2024-39507, CVE-2024-39509, CVE-2024-40901, CVE-2024-40902,  CVE-2024-40904, CVE-2024-40905, CVE-2024-40908, CVE-2024-40911,  CVE-2024-40912, CVE-2024-40914, CVE-2024-40916, CVE-2024-40927,  CVE-2024-40929, CVE-2024-40931, CVE-2024-40932, CVE-2024-40934,  CVE-2024-40937, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943,  CVE-2024-40945, CVE-2024-40954, CVE-2024-40956, CVE-2024-40957,  CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961,  CVE-2024-40963, CVE-2024-40967, CVE-2024-40968, CVE-2024-40970,  CVE-2024-40971, CVE-2024-40974, CVE-2024-40976, CVE-2024-40978,  CVE-2024-40980, CVE-2024-40981, CVE-2024-40983, CVE-2024-40984,  CVE-2024-40987, CVE-2024-40988, CVE-2024-40990, CVE-2024-40994,  CVE-2024-40995, CVE-2024-41000, CVE-2024-41002, CVE-2024-41004,  CVE-2024-41005, CVE-2024-41006, CVE-2024-41007, CVE-2024-41027,  CVE-2024-41034, CVE-2024-41035, CVE-2024-41040, CVE-2024-41041,  CVE-2024-41044, CVE-2024-41046, CVE-2024-41047, CVE-2024-41048,  CVE-2024-41049, CVE-2024-41055, CVE-2024-41087, CVE-2024-41089,  CVE-2024-41092, CVE-2024-41093, CVE-2024-41095, CVE-2024-41097,  CVE-2024-42068, CVE-2024-42070, CVE-2024-42076, CVE-2024-42077,  CVE-2024-42080, CVE-2024-42082, CVE-2024-42084, CVE-2024-42085,  CVE-2024-42086, CVE-2024-42087, CVE-2024-42089, CVE-2024-42090,  CVE-2024-42092, CVE-2024-42093, CVE-2024-42094, CVE-2024-42095,  CVE-2024-42096, CVE-2024-42097, CVE-2024-42098, CVE-2024-42101,  CVE-2024-42102, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106,  CVE-2024-42109, CVE-2024-42115, CVE-2024-42119, CVE-2024-42120,  CVE-2024-42121, CVE-2024-42124, CVE-2024-42127, CVE-2024-42130,  CVE-2024-42131, CVE-2024-42137, CVE-2024-42140, CVE-2024-42145,  CVE-2024-42148, CVE-2024-42152, CVE-2024-42153, CVE-2024-42154,  CVE-2024-42157, CVE-2024-42161, CVE-2024-42223, CVE-2024-42224,  CVE-2024-42225, CVE-2024-42229, CVE-2024-42232, CVE-2024-42236,  CVE-2024-42240, CVE-2024-42244, CVE-2024-42247Package Information:  https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-121.131  https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-5.15/5.15.0-121.131~20.04.1

Ubuntu Security Notice USN-7007-3

Gentoo Linux Security Advisory 202409-21 - Multiple vulnerabilities have been discovered in Hunspell, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.7.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-21  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Hunspell: Multiple Vulnerabilities  
     Date: September 24, 2024  
     Bugs: #866093  
       ID: 202409-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Hunspell, the worst of  
which could lead to arbitrary code execution.

Background  
==========

Hunspell is the spell checker of LibreOffice, OpenOffice.org, Mozilla  
Firefox & Thunderbird, Google Chrome.

Affected packages  
=================

Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
app-text/hunspell  < 1.7.1       >= 1.7.1

Description  
===========

Malicious input to the hunspell spell checker could result in an  
application crash or other unspecified behavior.

Impact  
======

Malicious input to the hunspell spell checker could result in an  
application crash or other unspecified behavior.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Hunspell users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-text/hunspell-1.7.1"

References  
==========

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-21

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Tag

#mac