Red Hat Security Advisory 2024-1962-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1962.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: go-toolset:rhel8 security updateAdvisory ID:        RHSA-2024:1962-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1962Issue date:         2024-04-23Revision:           03CVE Names:          CVE-2023-45288====================================================================Summary: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es):* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45288References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2268273

Red Hat Security Advisory 2024-1962-03

Red Hat Security Advisory 2024-1961-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1961.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch security updateAdvisory ID:        RHSA-2024:1961-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1961Issue date:         2024-04-23Revision:           03CVE Names:          CVE-2023-3812====================================================================Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.Security Fix(es):* kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-3812References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2224048

Red Hat Security Advisory 2024-1961-03

Red Hat Security Advisory 2024-1960-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1960.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: kpatch-patch security updateAdvisory ID:        RHSA-2024:1960-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1960Issue date:         2024-04-23Revision:           03CVE Names:          CVE-2023-4622====================================================================Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.Security Fix(es):* kernel: use after free in unix_stream_sendpage (CVE-2023-4622)* kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-4622References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2237757https://bugzilla.redhat.com/show_bug.cgi?id=2237760

Red Hat Security Advisory 2024-1960-03

Red Hat Security Advisory 2024-1959-03 - An update for shim is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1959.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: shim security update  
Advisory ID:        RHSA-2024:1959-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1959  
Issue date:         2024-04-23  
Revision:           03  
CVE Names:          CVE-2023-40546  
====================================================================

Summary: 

An update for shim is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The shim package contains a first-stage UEFI boot loader that handles chaining  
to a trusted full boot loader under secure boot environments.

Security Fix(es):

* shim: RCE in http boot support may lead to Secure Boot bypass (CVE-2023-40547)

* shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems (CVE-2023-40548)

* shim: Out-of-bounds read printing error messages (CVE-2023-40546)

* shim: Out-of-bounds read in verify_buffer_authenticode() malformed PE file (CVE-2023-40549)

* shim: Out-of-bound read in verify_buffer_sbat() (CVE-2023-40550)

* shim: out of bounds read when parsing MZ binaries (CVE-2023-40551)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

IMPORTANT: The new shim revokes ALL VERSIONS of GRUB2 before grub2-2.02-0.87.el7_9.14. Therefore GRUB2 MUST be updated to the latest  
version: grub2-2.02-0.87.el7_9.14 BEFORE or SIMULTANEOUSLY with this shim in order for Secure Boot to continue to work. Failure to update GRUB2 will result in an UNBOOTABLE system.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-40546

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2234589  
https://bugzilla.redhat.com/show_bug.cgi?id=2241782  
https://bugzilla.redhat.com/show_bug.cgi?id=2241796  
https://bugzilla.redhat.com/show_bug.cgi?id=2241797  
https://bugzilla.redhat.com/show_bug.cgi?id=2259915  
https://bugzilla.redhat.com/show_bug.cgi?id=2259918  
https://issues.redhat.com/browse/RHEL-2155  
https://issues.redhat.com/browse/RHEL-4382  
https://issues.redhat.com/browse/RHEL-4390

Red Hat Security Advisory 2024-1959-03

Red Hat Security Advisory 2024-1948-03 - An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include denial of service and server-side request forgery vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1948.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available (updates to RHBQ 2.13.9.SP2)  
Advisory ID:        RHSA-2024:1948-03  
Product:            Red Hat Integration  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1948  
Issue date:         2024-04-22  
Revision:           03  
CVE Names:            
====================================================================

Summary: 

An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available (updates to RHBQ 2.13.9.SP2).  
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.  
Red Hat Product Security has rated this update as having a security impact of Important.

Description:

An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available (updates to RHBQ 2.13.9.SP2).  
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:  
* TRIAGE CVE-2024-28752 cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding  
* TRIAGE CVE-2024-25710 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file  
* TRIAGE CVE-2024-26308 commons-compress: OutOfMemoryError unpacking broken Pack200 file

Solution:

CVEs:

References:

https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2024-1948-03

Artificial intelligence (AI) is being introduced to just about every facet of life these days. AI is being used to develop code, communicate with customers, and write in various media. Cyber security, particularly product security is another place AI can have a significant impact. AI is being built into security tools, and, on the flip side, into the realm of exploitation. AI is now mainstream and won't be going away anytime soon, so security professionals need to learn how to best use it to help enhance the security of their systems and products.AI and its implications for securityThe term "a

**Artificial intelligence** (AI) is being introduced to just about every facet of life these days. AI is being used to develop code, communicate with customers, and write in various media. Cyber security, particularly product security is another place AI can have a significant impact. AI is being built into security tools, and, on the flip side, into the realm of exploitation. AI is now mainstream and won't be going away anytime soon, so security professionals need to learn how to best use it to help enhance the security of their systems and products.

**AI and its implications for security**

The term "artificial intelligence" refers to using computer systems to simulate human intelligence. AI systems are able to perform a growing variety of tasks, such as pattern recognition, learning and problem solving. Within AI there are different fields like machine learning (ML), which enables systems to learn and improve over time; natural language processing (NLP), which attempts to mimic human speech; computer vision, which utilizes cameras as input to perform various tasks, and more.

These applications of AI are being woven into a vast array of systems to automate, analyze and improve current processes. Within the world of cyber security, AI is filling—or assisting with—a number of roles and processes. It's being used to analyze logs, predict threats, read source code, identify vulnerabilities and even to create or exploit vulnerabilities.

**Using AI to detect cyber security attacks**

Considering AI’s proficiency in pattern recognition, detecting cyber security anomalies is an obvious use case for it. Behavior anomaly detection is a good example of this. Through the use of machine learning, a model can identify what normal behavior within a system looks like, and single out any instances that deviate from the norm. This can help identify potential attacks as well as help identify systems that are not working as intended by catching outliers in their behavior.

Even user behavior that might be an issue, such as accidental data leaking or exfiltration, can potentially be discovered through AI pattern recognition or other mechanisms. Using datasets either made or consumed by the organization can be also used to watch for patterns and outlier behavior on a broader scale, in an attempt to determine the likelihood of the organization being targeted by cyber security incidents happening throughout the world.

**Use case 1: Anomaly detection**

Anomaly detection—the identification of unusual, rare, or otherwise anomalous patterns in logs, traffic, or other data—is a good fit for the pattern recognition power of ML. Whether its network traffic, user activities, or other data, given the right algorithm and training, AI/ML is ideally suited for spotting potentially harmful outliers. This can be done in a number of ways, starting with real time monitoring and alerting. This method starts with preset norms for a system such as network traffic, API calls or logs, and can employ statistical analysis to continuously monitor system behavior and actions. The model is able to trigger an alert anytime anomalous or rare actions are discovered.

Not only is AI/ML great at spotting patterns, it is also able to categorize and group them. This is essential for assigning priority levels to various events, which can help prevent "alert fatigue," which can happen if a user or team is inundated with alerts, many of which may be little more than noise. What often happens is that the alerts lose their importance, and many if not all alerts are viewed as noise and not properly investigated. Using these capabilities, AI/ML is able to provide intelligent insights, helping users make more informed choices.

**Use case 2: AI-assisted cyber threat intelligence**

The ability to monitor systems and provide real time alerts can be vital, but AI/ML can also be used to help enhance the security of systems before a security event takes place. Cyber Threat Intelligence (CTI) works by collecting information about cyber security attacks and events. The goal of CTI is to be informed about new or ongoing threats with the intent being to proactively prepare teams about the possibility of an attack to your organization before an attack takes place. CTI also provides value in dealing with existing attacks by helping incident response teams better understand what they are dealing with.

Traditionally, the collection, organization and analysis of this data was done by security professionals, but AI/ML is able to handle many of the routine or mundane tasks, and help with organization and analysis, letting those teams focus on the decision making required when they have the necessary information in an actionable format.

**Using AI to prevent vulnerabilities**

While leveraging AI/ML to detect and prevent cyber security attacks is valuable, preventing vulnerabilities in software is also hugely important. AI assistants in code editors, build pipelines and the tools used to test or validate running systems are quickly becoming the norm in many facets of IT.

As with CTI, AI systems can help alleviate mundane tasks, freeing humans to spend more time working on more valuable projects and innovations. Code reviews, while important, can be improved by leveraging Static Application Security Testing (SAST). While SAST platforms have existed for some time now, their biggest issue is the often large quantity of false positives they generate. Enter AI/ML’s ability to take a more intelligent look at source code, along with infrastructure and configuration code. AI is also starting to be used to run Dynamic Application Security Testing (DAST) to test running applications to see if common attacks would be successful.

**Use case 3: AI-assisted code scanning**

SAST has long used a “sources and sinks” approach to code scanning. This refers to a way to track the flow of data, looking for common pitfalls. The various tools produced for static code scanning often use this model. While this is a valid way to look at code, it can lead to many false positives that then need to be manually validated.

AI/ML can provide value here by learning and understanding the context or intent around possible findings in the code base, reducing false positives and false negatives. Not only that, but both SAST tools and AI assistants have been added to code editors, helping developers catch those errors before they are ever submitted. There are a few limitations, however, including language support and scalability with very large code bases, but these are quickly being addressed.

**Use case 4: Automate discovery of vulnerabilities**

Code reviews can be a time consuming process, but once that code is submitted, testing doesn’t usually end. DAST is used to test common attacks against a running application. There are a few tools on the market that help with this well, but like coding itself, there is some ramp up time involved. A user needs to understand these attack types, and how to replicate them through the DAST tool and then automate them.

Recently, DAST and related application testing tools have begun to implement AI/ML either directly into their platforms, or as plugins, allowing for a great deal of improved automated scanning. Not only does this free up staff who would need that ramp up time and the time needed to run the different attacks, it also frees up the time and money needed to do full blown penetration testing. Penetration testing still very much requires a human who is capable of thinking like an attacker and recognizing potential weaknesses, often creating novel ways of verifying that they are indeed exploitable.

**Protecting AI itself**

Although AI can help eliminate many human errors, it itself is still susceptible. First there is the bane of many IT problems, poor or improper configuration. Closely related is the need to more securely train and validate the model and its processes. Failure to do so can quickly lead to a system that is not well understood by its users, creating a kind of black box and a poor model lifecycle management process.

One of the most commonly discussed security concerns related to AI is data poisoning. Human beings often collect data that is then used to train AI/ML algorithms, and as humans, we can introduce bias into the data. This is a simple enough concept to watch out for, but sometimes that bias is added on purpose. Attackers, through various mechanisms, can intentionally poison the dataset used to train and validate AI/ML systems. It is then conceivable that the new biased output from the system can be used for nefarious purposes.

As AI is quickly becoming more mainstream, our understanding and training is lagging behind, especially security training around AI/ML. Much of the inner workings of AI/ML systems are not well understood by many outside the tech community, and this can become worse if systems are neglected and lack transparency.

This leads to another fairly common problem in technology: proper documentation. Systems require documentation that is easy to understand and comprehensive enough to cover the great majority of the system in question.

Finally, governments around the world are discussing and planning (or even already making) regulations related to AI/ML systems. It's not inconceivable that secure AI/ML certifications will be developed, so doing what we can to make sure that systems being developed today are as secure and valid as possible will likely save work down the road.

**Final thoughts**

As we become more and more dependent on AI systems, the speed and accuracy of machine learning in securing the systems we use won’t just be a “nice to have,” but will increasingly become a “must have.” It is all but a guarantee that bad actors will use AI/ML systems to conduct their attacks, so the defenders will need to implement these systems to help protect and defend their organizations and systems.

Ideally, students getting ready to enter the workforce will learn about AI/ML systems, but the grizzled veterans will need to embrace this as well. The best thing individuals can do is make sure they have at least a basic understanding of AI, and the best thing organizations can do is to start looking at how they can best leverage AI/ML in their products, systems and security.

**How Red Hat can help**

Red Hat OpenShift AI can help build out models and integrate AI into applications. For organizations in the security space, OpenShift AI can help you build the power of AI into your products. AI-enabled applications are only going to become more prevalent, and OpenShift AI is a powerful, scalable AI development platform that can help bring those applications to production.

Try Red Hat OpenShift AI

4 use cases for AI in cyber security

Red Hat Security Advisory 2024-1904-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1904.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: firefox security updateAdvisory ID:        RHSA-2024:1904-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1904Issue date:         2024-04-18Revision:           03CVE Names:          CVE-2024-2609====================================================================Summary: An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 115.10.0 ESR.Security Fix(es):  * GetBoundName in the JIT returned the wrong object (CVE-2024-3852)* Out-of-bounds-read after mis-optimized switch statement (CVE-2024-3854)* Incorrect JITting of arguments led to use-after-free during garbage collection (CVE-2024-3857)* Permission prompt input delay could expire when not in focus (CVE-2024-2609)* Integer-overflow led to out-of-bounds-read in the OpenType sanitizer (CVE-2024-3859)* Potential use-after-free due to AlignedBuffer self-move (CVE-2024-3861)* Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 (CVE-2024-3864)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-2609References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2275547https://bugzilla.redhat.com/show_bug.cgi?id=2275549https://bugzilla.redhat.com/show_bug.cgi?id=2275550https://bugzilla.redhat.com/show_bug.cgi?id=2275551https://bugzilla.redhat.com/show_bug.cgi?id=2275552https://bugzilla.redhat.com/show_bug.cgi?id=2275553https://bugzilla.redhat.com/show_bug.cgi?id=2275555

Red Hat Security Advisory 2024-1904-03

Red Hat Security Advisory 2024-1901-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1901.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: Red Hat Service Interconnect 1.5.3 Release (images)  
Advisory ID:        RHSA-2024:1901-03  
Product:            Red Hat Service Interconnect  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1901  
Issue date:         2024-04-18  
Revision:           03  
CVE Names:          CVE-2023-39318  
====================================================================

Summary: 

OpenShift container images for the Red Hat Service Interconnect 1.5 release.

Red Hat Product Security has rated this update as having a security impact of  
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives  
a detailed severity rating, is available for each vulnerability from the CVE  
link(s) in the References section.

Description:

Red Hat Service Interconnect 1.5 creates a service network, linking  
TCP and HTTP services across the hybrid cloud.  
A service network enables communication between services running in different network locations or sites.  
It allows geographically distributed services to connect as if they were all running in the same site.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-39318

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_service_interconnect/  
https://bugzilla.redhat.com/show_bug.cgi?id=2237773  
https://bugzilla.redhat.com/show_bug.cgi?id=2237776  
https://bugzilla.redhat.com/show_bug.cgi?id=2237777  
https://bugzilla.redhat.com/show_bug.cgi?id=2237778  
https://bugzilla.redhat.com/show_bug.cgi?id=2253193  
https://bugzilla.redhat.com/show_bug.cgi?id=2253330  
https://issues.redhat.com/browse/SKUPPER-1304  
https://issues.redhat.com/browse/SKUPPER-1338  
https://issues.redhat.com/browse/SKUPPER-1463  
https://issues.redhat.com/browse/SKUPPER-976

Red Hat Security Advisory 2024-1901-03

Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1883.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: shim security update  
Advisory ID:        RHSA-2024:1883-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1883  
Issue date:         2024-04-18  
Revision:           03  
CVE Names:          CVE-2023-40546  
====================================================================

Summary: 

An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended  
Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The shim package contains a first-stage UEFI boot loader that handles chaining  
to a trusted full boot loader under secure boot environments.

Security Fix(es):

* shim: RCE in http boot support may lead to Secure Boot bypass (CVE-2023-40547)

* shim: Interger overflow leads to heap buffer overflow in verify_sbat_section  
on 32-bits systems (CVE-2023-40548)

* shim: Out-of-bounds read printing error messages (CVE-2023-40546)

* shim: Out-of-bounds read in verify_buffer_authenticode() malformed PE file  
(CVE-2023-40549)

* shim: Out-of-bound read in verify_buffer_sbat() (CVE-2023-40550)

* shim: out of bounds read when parsing MZ binaries (CVE-2023-40551)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-40546

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2234589  
https://bugzilla.redhat.com/show_bug.cgi?id=2241782  
https://bugzilla.redhat.com/show_bug.cgi?id=2241796  
https://bugzilla.redhat.com/show_bug.cgi?id=2241797  
https://bugzilla.redhat.com/show_bug.cgi?id=2259915  
https://bugzilla.redhat.com/show_bug.cgi?id=2259918

Red Hat Security Advisory 2024-1883-03

Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1882.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: kernel-rt security and bug fix update  
Advisory ID:        RHSA-2024:1882-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:1882  
Issue date:         2024-04-18  
Revision:           03  
CVE Names:          CVE-2023-6240  
====================================================================

Summary: 

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)

* kernel: tls: use-after-free with partial reads and async decrypt (CVE-2024-26582)

* kernel: tls: handle backlogging of crypto requests (CVE-2024-26584)

* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)

Bug Fix(es):

* kernel-rt: kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (JIRA:RHEL-29214)

* kernel-rt: update RT source tree to the latest RHEL-9.2 ad hoc schedule build (JIRA:RHEL-30439)

* kernel-rt: kernel: tls: use-after-free with partial reads and async decrypt (JIRA:RHEL-26399)

* kernel-rt: kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (JIRA:RHEL-29687)

* kernel-rt: kernel: tls: handle backlogging of crypto requests (JIRA:RHEL-30451)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6240

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2250843  
https://bugzilla.redhat.com/show_bug.cgi?id=2265518  
https://bugzilla.redhat.com/show_bug.cgi?id=2265519  
https://bugzilla.redhat.com/show_bug.cgi?id=2265645

Tag

#red_hat