Red Hat Security Advisory 2024-7346-03 - An update for cups-filters is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7346.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: cups-filters security updateAdvisory ID:        RHSA-2024:7346-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7346Issue date:         2024-09-27Revision:           03CVE Names:          CVE-2024-47076====================================================================Summary: An update for cups-filters is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently. Security Fix(es):* cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source ()* cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes (CVE-2024-47076)* cups: libppd: remote command injection via attacker controlled data in PPD file ()For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-47076References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2314252https://bugzilla.redhat.com/show_bug.cgi?id=2314253https://bugzilla.redhat.com/show_bug.cgi?id=2314256

Red Hat Security Advisory 2024-7346-03

Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android.
But it wasn't all good news – Kaspersky's forced exit from the US market left users with more

Cybersecurity / Weekly Recap

Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android.

But it wasn't all good news – Kaspersky's forced exit from the US market left users with more questions than answers. And don't even get us started on the Kia cars that could've been hijacked with just a license plate!

Let's unpack these stories and more, and arm ourselves with the knowledge to stay safe in this ever-evolving digital landscape.

****⚡ Threat of the Week****

**Flaws Found in CUPS:** A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. Red Hat Enterprise Linux tagged the issues as Important in severity, given that the real-world impact is likely to be low due to the prerequisites necessary to pull off a successful exploit.

****🔔 Top News****

*   **Google's Touts Shift to Rust:** The pivot to memory-safe languages such as Rust for Android has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The development comes as Google and Arm's increased collaboration has made it possible to flag multiple shortcomings and elevate the overall security of the GPU software/firmware stack across the Android ecosystem.
*   **Kaspersky Exits U.S. Market:** Russian cybersecurity vendor Kaspersky, which has been banned from selling its products in the U.S. due to national security concerns, raised concerns after some found that their installations have been automatically removed and replaced by antivirus software from a lesser-known company called UltraAV. Kaspersky said it began notifying customers of the transition earlier this month, but it appears that it was not made clear that the software would be forcefully migrated without requiring any user action. Pango, which owns UltraUV, said users also had the option of canceling their subscription directly with Kaspersky's customer service team.
*   **Kia Cars Could Be Remotely Controlled with Just License Plates:** A set of now patched vulnerabilities in Kia vehicles that could have allowed remote control over key functions simply by using only a license plate. They could also let attackers covertly gain access to sensitive information including the victim's name, phone number, email address, and physical address. There is no evidence that these vulnerabilities were ever exploited in the wild.
*   **U.S. Sanctions Cryptex and PM2BTC:** The U.S. government sanctioned two cryptocurrency exchanges Cryptex and PM2BTC for allegedly facilitating the laundering of cryptocurrencies possibly obtained through cybercrime. In tandem, an indictment was unsealed against a Russian national, Sergey Sergeevich Ivanov, for his purported involvement in the operation of several money laundering services that were offered to cybercriminals.
*   **3 Iranian Hackers Charged:** In yet another law enforcement action, the U.S. government charged three Iranian nationals, Masoud Jalili, Seyyed Ali Aghamiri, and Yasar (Yaser) Balaghi, who are allegedly employed with the Islamic Revolutionary Guard Corps (IRGC) for their targeting of current and former officials to steal sensitive data in an attempt to interfere with the upcoming elections. Iran has called the allegations baseless.

****📰 Around the Cyber World****

*   **Mysterious Internet Noise Storms Detailed:** Threat intelligence firm GreyNoise said it has been tracking large waves of "Noise Storms" containing spoofed internet traffic comprising TCP connections and ICMP packets since January 2020, although the exact origins and its intended purpose remain unknown. An intriguing aspect of the inexplicable phenomenon is the presence of a "LOVE" ASCII string in the generated ICMP packets, reinforcing the hypothesis that it could be used as a covert communications channel. "Millions of spoofed IPs are flooding key internet providers like Cogent and Lumen while strategically avoiding AWS — suggesting a sophisticated, potentially organized actor with a clear agenda," it said. "Although traffic appears to originate from Brazil, deeper connections to Chinese platforms like QQ, WeChat, and WePay raise the possibility of deliberate obfuscation, complicating efforts to trace the true source and purpose."
*   **Tails and Tor Merge Operations:** The Tor Project, the non-profit that maintains software for the Tor (The Onion Router) anonymity network, is joining forces with Tails (short for The Amnesic Incognito Live System), the maker of a portable Linux-based operating system that uses Tor. "Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats," the organizations said. The move "feels like coming home," intrigeri, Tails OS team lead said.
*   **NIST Proposes New Password Rules:** The U.S. National Institute of Standards and Technology (NIST) has outlined new guidelines that suggest credential service providers (CSPs) stop recommending passwords using several character types and stop mandating periodic password changes unless the authenticator has been compromised. Other notable recommendations include passwords should be anywhere between 15 and 64 characters long, as well as ASCII and Unicode characters should be allowed when setting them.
*   **PKfail More Broader Than Previously Thought:** A critical firmware supply chain issue known as PKfail (CVE-2024-8105), which allows attackers to bypass Secure Boot and install malware, has been now found to impact more devices, including medical devices, desktops, laptops, gaming consoles, enterprise servers, ATMs, PoS terminals, and even voting machines. Binarly has described PKfail as a "great example of a supply chain security failure impacting the entire industry."
*   **Microsoft Revamps Recall:** When Microsoft released its AI-powered feature Recall in May 2024, it was met with near instantaneous backlash over privacy and security concerns, and for making it easier for threat actors to steal sensitive data. The company subsequently delayed a wider rollout pending under-the-hood changes to ensure that the issues were addressed. As part of the new updates, Recall is no longer enabled by default and can be uninstalled by users. It also moves all of the screenshot processing to a Virtualization-based Security (VBS) Enclave. Furthermore, the company said it engaged an unnamed third-party security vendor to perform an independent security design review and penetration test.

**🔥 **Cybersecurity Resources & Insights****

*   **Upcoming Webinars**
    *   **Overloaded with Logs? Let's Fix Your SIEM:** Legacy SIEMs are overwhelmed. The answer isn't more data... It's better oversight. Join Zuri Cortez and Seth Geftic as they break down how we went from data overload to security simplicity without sacrificing performance. Save your seat today and simplify your security game with our Managed SIEM.
    *   **Strategies to Defeat Ransomware in 2024**: Ransomware attacks are up by 17.8%, and ransom payouts are reaching all-time highs. Is your organization prepared for the escalating ransomware threat? Join us for an exclusive webinar where Emily Laufer, Director of Product Marketing at Zscaler, will unveil insights from the Zscaler ThreatLabz 2024 Ransomware Report. Register now and secure your spot!
*   **Ask the Expert**
    *   **Q:** How can organizations secure device firmware against vulnerabilities like PKfail, and what technologies or practices should they prioritize?
    *   **A:** Securing firmware isn't just about patching—it's about protecting the very core of your devices where threats like PKfail hide in plain sight. Think of firmware as the foundation of a skyscraper; if it's weak, the entire structure is at risk. Organizations should prioritize implementing secure boot mechanisms to ensure only trusted firmware loads, use firmware vulnerability scanning tools to detect and address issues proactively, and deploy runtime protections to monitor for malicious activities. Partnering closely with hardware vendors for timely updates, adopting a zero-trust security model, and educating employees about firmware risks are also crucial. In today's cyber landscape, safeguarding the firmware layer is essential—it's the bedrock of your entire security strategy.

****🔒 Tip of the Week****

**Prevent Data Leaks to AI Services:** Protect sensitive data by enforcing strict policies against sharing with external AI platforms, deploying DLP tools to block confidential transmissions, restricting access to unauthorized AI tools, training employees on the risks, and using secure, in-house AI solutions.

****Conclusion****

Until next time, remember, cybersecurity is not a sprint, it's a marathon. Stay vigilant, stay informed, and most importantly, stay safe in this ever-evolving digital world. Together, we can build a more secure online future.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 23-29)

Red Hat Security Advisory 2024-7312-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include cross site scripting and html injection vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7312.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix UpdateAdvisory ID:        RHSA-2024:7312-03Product:            Red Hat Ansible Automation PlatformAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7312Issue date:         2024-09-27Revision:           03CVE Names:          CVE-2024-21520====================================================================Summary: An update is now available for Red Hat Ansible Automation Platform 2.4Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.Security Fix(es):* automation-controller: djangorestframework: Cross-site Scripting (XSS) via break_long_headers (CVE-2024-21520)* automation-controller: twisted: Reflected XSS via HTML Injection in Redirect Response (CVE-2024-41810)* automation-controller: urllib3: proxy-authorization request header is not stripped during cross-origin redirects (CVE-2024-37891)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Updates and fixes for automation controller:* Fixed Galaxy credentials to be correctly ordered when assigning them using 'ansible.controller.organization' (AAP-31398)* Fixed gather analytics failure due to missing '_unpartitioned_main_jobevent' table (AAP-31053)* automation-controller has been updated to 4.5.12Solution:CVEs:CVE-2024-21520References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2292788https://bugzilla.redhat.com/show_bug.cgi?id=2294457https://bugzilla.redhat.com/show_bug.cgi?id=2300497

Red Hat Security Advisory 2024-7312-03

Red Hat Security Advisory 2024-7262-03 - An update for osbuild-composer is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7262.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: osbuild-composer security updateAdvisory ID:        RHSA-2024:7262-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7262Issue date:         2024-09-27Revision:           03CVE Names:          CVE-2024-1394====================================================================Summary: An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It is compatible with composer-cli and cockpit-composer clients.Security Fix(es):* golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-1394References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2262921https://bugzilla.redhat.com/show_bug.cgi?id=2310528

Red Hat Security Advisory 2024-7262-03

Red Hat Security Advisory 2024-7261-03 - An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7261.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: osbuild-composer security updateAdvisory ID:        RHSA-2024:7261-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7261Issue date:         2024-09-26Revision:           03CVE Names:          CVE-2024-34156====================================================================Summary: An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It is compatible with composer-cli and cockpit-composer clients.Security Fix(es):* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-34156References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2310528

Red Hat Security Advisory 2024-7261-03

Red Hat Security Advisory 2024-7260-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and null pointer vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7260.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: net-snmp security update  
Advisory ID:        RHSA-2024:7260-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7260  
Issue date:         2024-09-26  
Revision:           03  
CVE Names:          CVE-2022-24805  
====================================================================

Summary: 

An update for net-snmp is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser.

Security Fix(es):

* net-snmp: A buffer overflow in the handling of the INDEX of             NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. (CVE-2022-24805)

* : net-snmp: Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously (CVE-2022-24806)

* net-snmp: A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access (CVE-2022-24807)

* net-snmp: A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. (CVE-2022-24809)

* net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference (CVE-2022-24808)

* net-snmp: A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. (CVE-2022-24810)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-24805

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2103225  
https://bugzilla.redhat.com/show_bug.cgi?id=2104759  
https://bugzilla.redhat.com/show_bug.cgi?id=2104763  
https://bugzilla.redhat.com/show_bug.cgi?id=2104766  
https://bugzilla.redhat.com/show_bug.cgi?id=2104768  
https://bugzilla.redhat.com/show_bug.cgi?id=2104769

Red Hat Security Advisory 2024-7260-03

Red Hat Security Advisory 2024-7237-03 - Logging for Red Hat OpenShift - 5.8.13.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7237.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: Logging for Red Hat OpenShift - 5.8.13  
Advisory ID:        RHSA-2024:7237-03  
Product:            logging for Red Hat OpenShift  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7237  
Issue date:         2024-09-26  
Revision:           03  
CVE Names:          CVE-2024-6104  
====================================================================

Summary: 

Logging for Red Hat OpenShift - 5.8.13

Description:

Logging for Red Hat OpenShift - 5.8.13

Solution:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

https://docs.openshift.com/container-platform/4.13/logging/cluster-logging-upgrading.html

CVEs:

CVE-2024-6104

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://issues.redhat.com/browse/LOG-5210  
https://issues.redhat.com/browse/LOG-5966  
https://issues.redhat.com/browse/LOG-6103  
https://issues.redhat.com/browse/LOG-6127  
https://issues.redhat.com/browse/LOG-6134

Red Hat Security Advisory 2024-7237-03

Red Hat Security Advisory 2024-7227-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7227.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kernel security updateAdvisory ID:        RHSA-2024:7227-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7227Issue date:         2024-09-26Revision:           03CVE Names:          CVE-2024-41071====================================================================Summary: An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 6-ELS-EXTENSION Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-41071References:https://access.redhat.com/security/updates/classification/#importanthttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/6-ELS-EXTENSION/html/6-ELS-EXTENSION_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2300448

Red Hat Security Advisory 2024-7227-03

Red Hat Security Advisory 2024-7213-03 - Updated service-interconnect container images are now available for Service Interconnect 1.4 LTS for RHEL 9.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7213.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Low: Updated service-interconnect rhel9 container images for 1.4 LTS  
Advisory ID:        RHSA-2024:7213-03  
Product:            Red Hat Service Interconnect  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7213  
Issue date:         2024-09-27  
Revision:           03  
CVE Names:          CVE-2024-2398  
====================================================================

Summary: 

Updated service-interconnect container images are now available for Service Interconnect 1.4 LTS for RHEL 9.

Description:

Users of service-interconnect 1.4 LTS rhel9 container images are advised  
to upgrade to these updated images, which contain backported patches to correct security issues and fix bugs.   
Users of these images are also encouraged to rebuild all container images that depend on these images.  
You can find images updated by this advisory the in Red Hat Container Catalog

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-2398

References:

https://access.redhat.com/security/updates/classification/#low  
https://bugzilla.redhat.com/show_bug.cgi?id=2270498  
https://bugzilla.redhat.com/show_bug.cgi?id=2279632  
https://bugzilla.redhat.com/show_bug.cgi?id=2294676  
https://bugzilla.redhat.com/show_bug.cgi?id=2294677  
https://bugzilla.redhat.com/show_bug.cgi?id=2297771  
https://bugzilla.redhat.com/show_bug.cgi?id=2302255

Red Hat Security Advisory 2024-7213-03

Red Hat Security Advisory 2024-7208-03 - An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7208.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: osbuild-composer security updateAdvisory ID:        RHSA-2024:7208-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7208Issue date:         2024-09-26Revision:           03CVE Names:          CVE-2024-34156====================================================================Summary: An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud.  It is compatible with composer-cli and cockpit-composer clients.Security Fix(es):* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-34156References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2310528

Tag

#red_hat