Omdia Principal Analyst Hollie Hennessy says that until a promising new set of regulations around the world comes online, connected device security entails a shared responsibility among consumers, enterprises, and manufacturers.

Hollie Hennessy, Principal Analyst, IoT Cybersecurity, Omdia

November 6, 2024

4 Min Read

COMMENTARY

A broad array of Internet-connected devices have become a part of our lives, whether the mobile devices that we use daily, the Internet of Things (IoT) devices often spread throughout our "smart" homes, or even the medical devices that help provide us care when we need it.

These devices are now a fixture of our lives, professionally and personally. Unfortunately, they bring with them a countless number of cybersecurity challenges.

**Consumers Must Watch for Insecure Devices, Scams**

Historically, home IoT devices in particular have been neglected when it comes to cybersecurity. Security was rarely a concern for consumer device makers.

However, we've seen positive movement by governments globally, offering up new guidelines and regulations to facilitate better security of these products for consumers. In October alone, the Cyber Resilience Act (EU) was adopted by the council, and Australia announced its Cybersecurity Bill 2024, which proposes new security guidelines for smart devices.

That said, consumers should be aware that manufacturers might not yet be doing the best they can regarding cybersecurity. Cheap devices sold on online marketplaces often are riddled with vulnerabilities, despite looking like a good deal. Fortunately, once a number of promising new and proposed regulations take effect in many regions, this will no longer be the case — but for now, consumers must still largely look out for themselves.

Related:Any IoT Device Can Be Hacked, Even Grills

Scams are one of the most common cybersecurity issues for consumers, and IoT and mobile devices can make these scams easier to perpetrate. Mobile devices have put everything in the palm of our hand, even our financial transactions; a seemingly legitimate mobile application or a well-timed smishing message can do great harm. Consumers should be wary of anyone telling them to download an application or take any other unusual action, especially if they are asking for payment without receiving any services.

For example, in Singapore, millions of dollars are lost to scams — whether through social engineering, or malware-enabled. Scams have proliferated social media too, including Facebook, Instagram, and LinkedIn. While the government, banks, and device makers are working to address issues like this, consumers must practice vigilance throughout daily life.

**IT-OT Combination Is Emerging Issue**

For enterprises, even though information technology and operational technology (IT and OT) security are generally handled separately, Omdia believes a holistic strategy incorporating both will be increasingly important.

Organizations are also increasingly relying on IoT and other cyber-physical devices — many of which fall into critical national infrastructure sectors such as energy, transport, wastewater, and healthcare. Often, IT security tends to get a lot of focus, but it's the entire landscape, including IoT and OT, and the gaps in between that need to be adequately secured.

Enterprises will increasingly be affected by regulation as well. October also saw the deadline for European Union member states to implement the NIS 2 Directive — which is intended to enhance the security and resiliency of networking and information systems in the EU — into national law. Requirements are broadly focused on reporting, accountability, risk management, and business continuity, with minimum requirements spanning these categories, such as incident response planning, cybersecurity training, and tooling such as multifactor authentication and employee and asset access.

Despite regulatory burdens, Omdia's research suggests that cybersecurity maturity — at least for cyber-physical assets — isn't quite where it needs to be. Omdia's 2024 Cybersecurity Decision Maker Survey revealed that only 37% of organizations are confident that their business could continue to operate efficiently in the event of a cyber-physical system compromise, yet around a third do not have an adequate strategy for securing IoT devices.

**Device Manufacturers Facing Major Strategic, Operational Adjustments**

For device manufacturers, it's time to start thinking about how to adapt to an evolving regulatory environment. Even small manufacturers hoping to sell into regulated regions will need to adhere to cybersecurity requirements — setting up the product security teams, processes, and supporting technology will take a significant period of time. Collaborating effectively between product security and cybersecurity teams is no mean feat.

Considering the software and firmware element of product security also will be key. This will require new and enhanced communication between engineering and cybersecurity teams, alongside DevSecOps processes. Omdia's research suggests that consumers see security as a purchase driver for IoT devices, so it's best to start to ensure devices are secure sooner rather than later.

**About the Author**

Principal Analyst, IoT Cybersecurity, Omdia

Hollie works as a Principal Analyst within the Omdia team, providing insight into the fascinating and fast-moving domain of IoT Cybersecurity.

Hollie has a range of experience in research. She began her career in the legal sector, writing and researching for expert witness reports on the labour market. She then moved into product testing, with a consumer protection focus. In this role she was responsible for managing comparative tests of various tech products, as well as regular testing and investigative work into the security of these products.

She has published various articles for Which?, the UK's largest consumer organisation and one of the largest subscription magazines, and Computing magazine.

Despite Emerging Regulations, Mobile Device, IoT Security Requires More Industry Attention

Gentoo Linux Security Advisory 202411-5 - Multiple vulnerabilities have been discovered in libgit2, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.7.2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202411-05  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: libgit2: Multiple Vulnerabilities  
     Date: November 06, 2024  
     Bugs: #891525, #923971  
       ID: 202411-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in libgit2, the worst of  
which could lead to arbitrary code execution.

Background  
==========

libgit2 is a portable, pure C implementation of the Git core methods  
provided as a re-entrant linkable library with a solid API, allowing you  
to write native speed custom Git applications in any language that  
supports C bindings.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
dev-libs/libgit2  < 1.7.2       >= 1.7.2

Description  
===========

Multiple vulnerabilities have been discovered in libgit2. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All libgit2 users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-libs/libgit2-1.7.2"

References  
==========

[ 1 ] CVE-2023-22742  
      https://nvd.nist.gov/vuln/detail/CVE-2023-22742

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202411-05

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202411-05

Gentoo Linux Security Advisory 202411-4 - A vulnerability has been discovered in EditorConfig Core C library, which may lead to arbitrary code execution. Versions greater than or equal to 0.12.6 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202411-04  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: EditorConfig core C library: arbitrary stack write  
     Date: November 06, 2024  
     Bugs: #905308  
       ID: 202411-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in EditorConfig Core C library,  
which may lead to arbitrary code execution.

Background  
==========

EditorConfig core library written in C (for use by plugins supporting  
EditorConfig parsing)

Affected packages  
=================

Package                       Vulnerable    Unaffected  
----------------------------  ------------  ------------  
app-text/editorconfig-core-c  < 0.12.6      >= 0.12.6

Description  
===========

A vulnerability has been discovered in EditorConfig Core C library.  
Please review the CVE identifier referenced below for details.

Impact  
======

Please review the referenced CVE identifier for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All EditorConfig core C library users should upgrade to the latest  
version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-text/editorconfig-core-c-0.12.6"

References  
==========

[ 1 ] CVE-2023-0341  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0341

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202411-04

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202411-04

Gentoo Linux Security Advisory 202411-3 - A vulnerability has been discovered in Ubiquiti UniFi, which can lead to local privilege escalation. Versions greater than or equal to 8.5.6 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202411-03  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Ubiquiti UniFi: Privilege Escalation  
     Date: November 06, 2024  
     Bugs: #941922  
       ID: 202411-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Ubiquiti UniFi, which can lead to  
local privilege escalation.

Background  
==========

Ubiquiti UniFi is a Management Controller for Ubiquiti Networks UniFi  
APs.

Affected packages  
=================

Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
net-wireless/unifi  < 8.5.6       >= 8.5.6

Description  
===========

A vulnerability has been discovered in Ubiquiti UniFi. Please review the  
CVE identifier referenced below for details.

Impact  
======

The vulnerability allows a malicious actor with a local operational  
system user to execute high privilege actions on UniFi Network Server.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Ubiquiti UniFi users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-wireless/unifi-8.5.6"

References  
==========

[ 1 ] CVE-2024-42028  
      https://nvd.nist.gov/vuln/detail/CVE-2024-42028

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202411-03

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202411-03

Gentoo Linux Security Advisory 202411-2 - A vulnerability has been discovered in Flatpak, which can lead to a sandbox escape. Versions greater than or equal to 1.4.10 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202411-02  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Flatpak: Sandbox Escape  
     Date: November 06, 2024  
     Bugs: #937936  
       ID: 202411-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Flatpak, which can lead to a  
sandbox escape.

Background  
==========

Flatpak is a Linux application sandboxing and distribution framework.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
sys-apps/flatpak  < 1.4.10      >= 1.4.10

Description  
===========

A vulnerability has been discovered in Flatpak. Please review the CVE  
identifier referenced below for details.

Impact  
======

A malicious or compromised Flatpak app using persistent directories  
could  
read and write files in locations it would not normally have access to.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Flatpak users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=sys-apps/flatpak-1.4.10"

References  
==========

[ 1 ] CVE-2024-42472  
      https://nvd.nist.gov/vuln/detail/CVE-2024-42472

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202411-02

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202411-02

Ubuntu Security Notice 7088-3 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7088-3November 06, 2024linux-aws-5.4, linux-oracle-5.4 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 18.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems- linux-oracle-5.4: Linux kernel for Oracle Cloud systemsDetails:Ziming Zhang discovered that the VMware Virtual GPU DRM driver in theLinux kernel contained an integer overflow vulnerability. A localattacker could use this to cause a denial of service (system crash).(CVE-2022-36402)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM64 architecture;  - PowerPC architecture;  - User-Mode Linux (UML);  - x86 architecture;  - Block layer subsystem;  - Cryptographic API;  - Android drivers;  - Serial ATA and Parallel ATA drivers;  - ATM drivers;  - Drivers core;  - CPU frequency scaling framework;  - Device frequency scaling framework;  - GPU drivers;  - HID subsystem;  - Hardware monitoring drivers;  - InfiniBand drivers;  - Input Device core drivers;  - Input Device (Miscellaneous) drivers;  - IOMMU subsystem;  - IRQ chip drivers;  - ISDN/mISDN subsystem;  - LED subsystem;  - Multiple devices driver;  - Media drivers;  - EEPROM drivers;  - VMware VMCI Driver;  - MMC subsystem;  - Network drivers;  - Near Field Communication (NFC) drivers;  - NVME drivers;  - Device tree and open firmware driver;  - Parport drivers;  - PCI subsystem;  - Pin controllers subsystem;  - Remote Processor subsystem;  - S/390 drivers;  - SCSI drivers;  - QCOM SoC drivers;  - Direct Digital Synthesis drivers;  - TTY drivers;  - Userspace I/O drivers;  - DesignWare USB3 driver;  - USB Gadget drivers;  - USB Serial drivers;  - BTRFS file system;  - File systems infrastructure;  - Ext4 file system;  - F2FS file system;  - JFS file system;  - NILFS2 file system;  - BPF subsystem;  - Core kernel;  - DMA mapping infrastructure;  - Tracing infrastructure;  - Radix Tree data structure library;  - Kernel userspace event delivery library;  - Objagg library;  - Memory management;  - Amateur Radio drivers;  - Bluetooth subsystem;  - CAN network layer;  - Networking core;  - Ethtool driver;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - KCM (Kernel Connection Multiplexor) sockets driver;  - MAC80211 subsystem;  - Netfilter;  - Network traffic control;  - SCTP protocol;  - Sun RPC protocol;  - TIPC protocol;  - TLS protocol;  - Wireless networking;  - AppArmor security module;  - Simplified Mandatory Access Control Kernel framework;  - SoC audio core drivers;  - USB sound devices;(CVE-2021-47212, CVE-2024-44965, CVE-2024-46676, CVE-2024-41091,CVE-2024-44946, CVE-2024-43894, CVE-2024-26668, CVE-2024-42259,CVE-2024-42295, CVE-2024-46685, CVE-2024-46722, CVE-2024-45028,CVE-2024-46815, CVE-2024-41081, CVE-2024-41022, CVE-2024-44948,CVE-2024-42301, CVE-2024-43914, CVE-2024-46771, CVE-2024-42289,CVE-2024-43841, CVE-2024-41042, CVE-2024-44999, CVE-2024-43893,CVE-2024-46758, CVE-2024-46828, CVE-2024-36484, CVE-2024-26669,CVE-2024-44952, CVE-2024-42265, CVE-2024-42311, CVE-2024-43880,CVE-2024-41070, CVE-2024-46829, CVE-2024-42292, CVE-2024-46719,CVE-2024-41020, CVE-2024-41015, CVE-2024-42283, CVE-2024-46744,CVE-2024-46679, CVE-2024-46800, CVE-2024-46777, CVE-2024-43835,CVE-2024-42271, CVE-2024-43882, CVE-2024-41072, CVE-2024-35848,CVE-2024-43860, CVE-2024-38611, CVE-2024-26607, CVE-2024-47663,CVE-2024-46780, CVE-2024-46675, CVE-2024-45003, CVE-2024-44969,CVE-2024-42244, CVE-2024-43856, CVE-2024-46755, CVE-2024-42286,CVE-2024-41063, CVE-2024-41068, CVE-2024-46743, CVE-2024-43839,CVE-2024-41065, CVE-2023-52531, CVE-2024-41090, CVE-2024-46747,CVE-2023-52614, CVE-2024-43853, CVE-2024-46737, CVE-2024-45021,CVE-2024-41012, CVE-2024-41064, CVE-2024-26800, CVE-2024-42246,CVE-2024-43908, CVE-2024-46723, CVE-2024-42310, CVE-2024-46781,CVE-2023-52918, CVE-2024-42313, CVE-2024-45006, CVE-2024-43890,CVE-2024-44954, CVE-2024-43858, CVE-2024-41098, CVE-2024-41071,CVE-2024-26641, CVE-2024-42280, CVE-2024-46673, CVE-2024-43846,CVE-2024-46721, CVE-2024-47667, CVE-2024-26885, CVE-2024-42304,CVE-2024-46745, CVE-2024-26640, CVE-2024-43861, CVE-2024-42287,CVE-2024-44998, CVE-2024-40929, CVE-2024-41073, CVE-2024-46689,CVE-2024-44944, CVE-2024-46756, CVE-2024-42305, CVE-2024-42284,CVE-2024-42281, CVE-2024-42288, CVE-2024-41011, CVE-2024-47668,CVE-2024-43830, CVE-2024-46740, CVE-2024-46677, CVE-2024-43867,CVE-2024-46783, CVE-2024-46844, CVE-2024-43854, CVE-2024-42297,CVE-2024-46738, CVE-2024-46739, CVE-2024-44947, CVE-2024-43883,CVE-2024-43884, CVE-2024-46798, CVE-2024-46757, CVE-2024-43879,CVE-2024-47659, CVE-2024-46817, CVE-2024-45008, CVE-2024-47669,CVE-2024-43871, CVE-2024-44960, CVE-2024-27051, CVE-2024-44988,CVE-2024-46840, CVE-2024-41059, CVE-2024-46822, CVE-2024-42276,CVE-2024-45026, CVE-2024-46761, CVE-2024-44995, CVE-2024-44987,CVE-2024-26891, CVE-2024-46782, CVE-2024-42309, CVE-2024-42131,CVE-2024-46759, CVE-2024-42229, CVE-2024-46714, CVE-2024-42290,CVE-2024-44935, CVE-2024-42285, CVE-2024-38602, CVE-2024-43829,CVE-2024-42306, CVE-2024-41017, CVE-2024-45025, CVE-2024-46818,CVE-2024-46750)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 18.04 LTS  linux-image-5.4.0-1134-oracle   5.4.0-1134.143~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-1135-aws      5.4.0-1135.145~18.04.1          Available with Ubuntu Pro  linux-image-aws                 5.4.0.1135.145~18.04.1          Available with Ubuntu Pro  linux-image-oracle              5.4.0.1134.143~18.04.1          Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7088-3  https://ubuntu.com/security/notices/USN-7088-2  https://ubuntu.com/security/notices/USN-7088-1  CVE-2021-47212, CVE-2022-36402, CVE-2023-52531, CVE-2023-52614,  CVE-2023-52918, CVE-2024-26607, CVE-2024-26640, CVE-2024-26641,  CVE-2024-26668, CVE-2024-26669, CVE-2024-26800, CVE-2024-26885,  CVE-2024-26891, CVE-2024-27051, CVE-2024-35848, CVE-2024-36484,  CVE-2024-38602, CVE-2024-38611, CVE-2024-40929, CVE-2024-41011,  CVE-2024-41012, CVE-2024-41015, CVE-2024-41017, CVE-2024-41020,  CVE-2024-41022, CVE-2024-41042, CVE-2024-41059, CVE-2024-41063,  CVE-2024-41064, CVE-2024-41065, CVE-2024-41068, CVE-2024-41070,  CVE-2024-41071, CVE-2024-41072, CVE-2024-41073, CVE-2024-41081,  CVE-2024-41090, CVE-2024-41091, CVE-2024-41098, CVE-2024-42131,  CVE-2024-42229, CVE-2024-42244, CVE-2024-42246, CVE-2024-42259,  CVE-2024-42265, CVE-2024-42271, CVE-2024-42276, CVE-2024-42280,  CVE-2024-42281, CVE-2024-42283, CVE-2024-42284, CVE-2024-42285,  CVE-2024-42286, CVE-2024-42287, CVE-2024-42288, CVE-2024-42289,  CVE-2024-42290, CVE-2024-42292, CVE-2024-42295, CVE-2024-42297,  CVE-2024-42301, CVE-2024-42304, CVE-2024-42305, CVE-2024-42306,  CVE-2024-42309, CVE-2024-42310, CVE-2024-42311, CVE-2024-42313,  CVE-2024-43829, CVE-2024-43830, CVE-2024-43835, CVE-2024-43839,  CVE-2024-43841, CVE-2024-43846, CVE-2024-43853, CVE-2024-43854,  CVE-2024-43856, CVE-2024-43858, CVE-2024-43860, CVE-2024-43861,  CVE-2024-43867, CVE-2024-43871, CVE-2024-43879, CVE-2024-43880,  CVE-2024-43882, CVE-2024-43883, CVE-2024-43884, CVE-2024-43890,  CVE-2024-43893, CVE-2024-43894, CVE-2024-43908, CVE-2024-43914,  CVE-2024-44935, CVE-2024-44944, CVE-2024-44946, CVE-2024-44947,  CVE-2024-44948, CVE-2024-44952, CVE-2024-44954, CVE-2024-44960,  CVE-2024-44965, CVE-2024-44969, CVE-2024-44987, CVE-2024-44988,  CVE-2024-44995, CVE-2024-44998, CVE-2024-44999, CVE-2024-45003,  CVE-2024-45006, CVE-2024-45008, CVE-2024-45021, CVE-2024-45025,  CVE-2024-45026, CVE-2024-45028, CVE-2024-46673, CVE-2024-46675,  CVE-2024-46676, CVE-2024-46677, CVE-2024-46679, CVE-2024-46685,  CVE-2024-46689, CVE-2024-46714, CVE-2024-46719, CVE-2024-46721,  CVE-2024-46722, CVE-2024-46723, CVE-2024-46737, CVE-2024-46738,  CVE-2024-46739, CVE-2024-46740, CVE-2024-46743, CVE-2024-46744,  CVE-2024-46745, CVE-2024-46747, CVE-2024-46750, CVE-2024-46755,  CVE-2024-46756, CVE-2024-46757, CVE-2024-46758, CVE-2024-46759,  CVE-2024-46761, CVE-2024-46771, CVE-2024-46777, CVE-2024-46780,  CVE-2024-46781, CVE-2024-46782, CVE-2024-46783, CVE-2024-46798,  CVE-2024-46800, CVE-2024-46815, CVE-2024-46817, CVE-2024-46818,  CVE-2024-46822, CVE-2024-46828, CVE-2024-46829, CVE-2024-46840,  CVE-2024-46844, CVE-2024-47659, CVE-2024-47663, CVE-2024-47667,  CVE-2024-47668, CVE-2024-47669

Ubuntu Security Notice USN-7088-3

Gentoo Linux Security Advisory 202411-1 - A vulnerability has been discovered in Neat VNC, which can lead to authentication bypass. Versions greater than or equal to 0.8.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202411-01  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Neat VNC: Authentication Bypass  
     Date: November 06, 2024  
     Bugs: #937140  
       ID: 202411-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Neat VNC, which can lead to  
authentication bypass.

Background  
==========

Neat VNC is a liberally licensed VNC server library that's intended to  
be fast and neat.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
gui-libs/neatvnc  < 0.8.1       >= 0.8.1

Description  
===========

Neat VNC allows remote attackers to bypass authentication via a request  
in which the client specifies an insecure security type such as "Type 1  
- None", which is accepted even if it is not offered by the server, as  
originally demonstrated using a long password.

Impact  
======

A remote attacker can opt not to use any authentication method and  
access the VNC server.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Neat VNC users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=gui-libs/neatvnc-0.8.1"

References  
==========

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202411-01

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202411-01

Ubuntu Security Notice 7093-1 - It was discovered that Werkzeug incorrectly handled multiple form submission requests. A remote attacker could possibly use this issue to cause Werkzeug to consume resources, leading to a denial of service.

==========================================================================  
Ubuntu Security Notice USN-7093-1  
November 05, 2024

python-werkzeug vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS

Summary:

Werkzeug could be made to consume resources if it received specially  
crafted network traffic.

Software Description:  
- python-werkzeug: collection of utilities for WSGI applications

Details:

It was discovered that Werkzeug incorrectly handled multiple form  
submission requests. A remote attacker could possibly use this issue to  
cause Werkzeug to consume resources, leading to a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  python3-werkzeug                3.0.3-1ubuntu0.1

Ubuntu 24.04 LTS  
  python3-werkzeug                3.0.1-3ubuntu0.2

Ubuntu 22.04 LTS  
  python3-werkzeug                2.0.2+dfsg1-1ubuntu0.22.04.3

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7093-1  
  CVE-2024-49767

Package Information:  
  https://launchpad.net/ubuntu/+source/python-werkzeug/3.0.3-1ubuntu0.1  
  https://launchpad.net/ubuntu/+source/python-werkzeug/3.0.1-3ubuntu0.2  
  https://launchpad.net/ubuntu/+source/python-werkzeug/2.0.2+dfsg1-1ubuntu0.22.04.3

Ubuntu Security Notice USN-7093-1

Red Hat Security Advisory 2024-8935-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8935.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: edk2 security updateAdvisory ID:        RHSA-2024:8935-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8935Issue date:         2024-11-06Revision:           03CVE Names:          CVE-2024-6119====================================================================Summary: An update for edk2 is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es):* openssl: Possible denial of service in X.509 name checks (CVE-2024-6119)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6119References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2306158

Red Hat Security Advisory 2024-8935-03

Red Hat Security Advisory 2024-8929-03 - An update for mod_jk is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include denial of service and information leakage vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8929.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: mod_jk security updateAdvisory ID:        RHSA-2024:8929-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8929Issue date:         2024-11-06Revision:           03CVE Names:          CVE-2024-46544====================================================================Summary: An update for mod_jk is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The mod_jk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine.Security Fix(es):* mod_jk: information Disclosure / DoS (CVE-2024-46544)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-46544References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2314194https://issues.redhat.com/browse/RHEL-65739

Tag

#vulnerability