Red Hat Security Advisory 2024-4430-03 - An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4430.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: perl-HTTP-Tiny security updateAdvisory ID:        RHSA-2024:4430-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4430Issue date:         2024-07-09Revision:           03CVE Names:          CVE-2023-31486====================================================================Summary: An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl.Security Fix(es):* http-tiny: insecure TLS cert default (CVE-2023-31486)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-31486References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2228392

Red Hat Security Advisory 2024-4430-03

Red Hat Security Advisory 2024-4429-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4429.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: containernetworking-plugins security updateAdvisory ID:        RHSA-2024:4429-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4429Issue date:         2024-07-09Revision:           03CVE Names:          CVE-2023-45287====================================================================Summary: An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Security Fix(es):* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45287References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2253193

Red Hat Security Advisory 2024-4429-03

Red Hat Security Advisory 2024-4427-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4427.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: fence-agents security updateAdvisory ID:        RHSA-2024:4427-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4427Issue date:         2024-07-09Revision:           03CVE Names:          CVE-2024-34064====================================================================Summary: An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es):* jinja2: accepts keys containing non-attribute characters (CVE-2024-34064)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-34064References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2279476

Red Hat Security Advisory 2024-4427-03

Red Hat Security Advisory 2024-4425-03 - An update for openstack-cinder, openstack-glance, and openstack-nova is now available for Red Hat OpenStack Platform 16.1.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4425.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Critical: Red Hat OpenStack Platform 16.1.9 security updateAdvisory ID:        RHSA-2024:4425-03Product:            Red Hat OpenStack PlatformAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4425Issue date:         2024-07-09Revision:           03CVE Names:          CVE-2024-32498====================================================================Summary: An update for openstack-cinder, openstack-glance, and openstack-nova is now available for Red Hat OpenStack Platform 16.1 (Train).Red Hat Product Security has rated this update as having a security impactof Critical. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.Description:Cinder is the replacement of nova-volume in Folsom and beyond, use d forblock storage.OpenStack Image Service (code-named Glance) providesdiscovery,registration, and delivery services for virtual disk images. TheImage Service API server provides a standard REST interface for queryinginformation about virtual disk images stored in a variety of back-endstores, including OpenStack Object Storage. Clients can register newvirtual disk images with the Image Service, query for information onpublicly available disk images, and use the Image Service's client libraryfor streaming virtual disk images.OpenStack Compute (codename Nova) is open source software designedto provision and manage large networks of virtual machines,creating aredundant and scalable cloud computing platform. It gives you the software,control panels, and APIs required to orchestrate a cloud, including runninginstances, managing networks, and controlling access through users andprojects.OpenStack Compute strives to be both hardware and hypervisoragnostic, currently supporting a variety of standard hardwareconfigurations and seven major hypervisors.Security Fix(es):* malicious qcow2/vmdk images (2024-emu CVE-2024-32498)For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVEpage listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-32498References:https://access.redhat.com/security/updates/classification/#criticalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278663

Red Hat Security Advisory 2024-4425-03

Red Hat Security Advisory 2024-4422-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4422.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: fence-agents security updateAdvisory ID:        RHSA-2024:4422-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4422Issue date:         2024-07-09Revision:           03CVE Names:          CVE-2024-37891====================================================================Summary: An update for fence-agents is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es):* urllib3: proxy-authorization request header is not stripped during cross-origin redirects (CVE-2024-37891)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-37891References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2292788

Red Hat Security Advisory 2024-4422-03

Red Hat Security Advisory 2024-4421-03 - An update for the python39:3.9 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4421.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: python39:3.9 and python39-devel:3.9 security updateAdvisory ID:        RHSA-2024:4421-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4421Issue date:         2024-07-09Revision:           03CVE Names:          CVE-2022-40897====================================================================Summary: An update for the python39:3.9 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python is an interpreted, interactive, object-oriented programming language,which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls andlibraries, as well as to various windowing systems.Security Fix(es):* python39:3.9/python3x-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897)Solution:https://access.redhat.com/articles/11258CVEs:CVE-2022-40897References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2158559

Red Hat Security Advisory 2024-4421-03

Red Hat Security Advisory 2024-4420-03 - An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.10.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4420.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: virt:rhel and virt-devel:rhel security updateAdvisory ID:        RHSA-2024:4420-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4420Issue date:         2024-07-09Revision:           03CVE Names:          CVE-2024-4467====================================================================Summary: An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.10Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.Security Fix(es):* qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write (CVE-2024-4467)For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-4467References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2278875

Red Hat Security Advisory 2024-4420-03

Red Hat Security Advisory 2024-4316-03 - Red Hat OpenShift Container Platform release 4.16.2 is now available with updates to packages and images that fix several bugs and add enhancements.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4316.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: OpenShift Container Platform 4.16.2 bug fix and security update  
Advisory ID:        RHSA-2024:4316-03  
Product:            Red Hat OpenShift Enterprise  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:4316  
Issue date:         2024-07-09  
Revision:           03  
CVE Names:          CVE-2024-6104  
====================================================================

Summary: 

Red Hat OpenShift Container Platform release 4.16.2 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.16.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.16.2. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHBA-2024:4319

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.16/release_notes/ocp-4-16-release-notes.html

Security Fix(es):

* go-retryablehttp: url might write sensitive information to log file  
(CVE-2024-6104)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  
All OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.16/updating/updating_a_cluster/updating-cluster-cli.html

Solution:

CVEs:

CVE-2024-6104

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2294000  
https://issues.redhat.com/browse/OCPBUGS-34011  
https://issues.redhat.com/browse/OCPBUGS-34117  
https://issues.redhat.com/browse/OCPBUGS-34213  
https://issues.redhat.com/browse/OCPBUGS-34383  
https://issues.redhat.com/browse/OCPBUGS-34530  
https://issues.redhat.com/browse/OCPBUGS-34569  
https://issues.redhat.com/browse/OCPBUGS-34602  
https://issues.redhat.com/browse/OCPBUGS-35280  
https://issues.redhat.com/browse/OCPBUGS-35283  
https://issues.redhat.com/browse/OCPBUGS-35357  
https://issues.redhat.com/browse/OCPBUGS-35381  
https://issues.redhat.com/browse/OCPBUGS-35408  
https://issues.redhat.com/browse/OCPBUGS-35409  
https://issues.redhat.com/browse/OCPBUGS-35465  
https://issues.redhat.com/browse/OCPBUGS-35470  
https://issues.redhat.com/browse/OCPBUGS-35522  
https://issues.redhat.com/browse/OCPBUGS-35544  
https://issues.redhat.com/browse/OCPBUGS-35551  
https://issues.redhat.com/browse/OCPBUGS-35565  
https://issues.redhat.com/browse/OCPBUGS-35567  
https://issues.redhat.com/browse/OCPBUGS-35571  
https://issues.redhat.com/browse/OCPBUGS-35718  
https://issues.redhat.com/browse/OCPBUGS-35722  
https://issues.redhat.com/browse/OCPBUGS-35739  
https://issues.redhat.com/browse/OCPBUGS-35742  
https://issues.redhat.com/browse/OCPBUGS-35743  
https://issues.redhat.com/browse/OCPBUGS-35753  
https://issues.redhat.com/browse/OCPBUGS-35806  
https://issues.redhat.com/browse/OCPBUGS-35818  
https://issues.redhat.com/browse/OCPBUGS-35822  
https://issues.redhat.com/browse/OCPBUGS-35829  
https://issues.redhat.com/browse/OCPBUGS-35842  
https://issues.redhat.com/browse/OCPBUGS-35883  
https://issues.redhat.com/browse/OCPBUGS-35884  
https://issues.redhat.com/browse/OCPBUGS-35904  
https://issues.redhat.com/browse/OCPBUGS-35924  
https://issues.redhat.com/browse/OCPBUGS-35934  
https://issues.redhat.com/browse/OCPBUGS-35946  
https://issues.redhat.com/browse/OCPBUGS-36002  
https://issues.redhat.com/browse/OCPBUGS-36138  
https://issues.redhat.com/browse/OCPBUGS-36149  
https://issues.redhat.com/browse/OCPBUGS-36156  
https://issues.redhat.com/browse/OCPBUGS-36165  
https://issues.redhat.com/browse/OCPBUGS-36166  
https://issues.redhat.com/browse/OCPBUGS-36184  
https://issues.redhat.com/browse/OCPBUGS-36186  
https://issues.redhat.com/browse/OCPBUGS-36198  
https://issues.redhat.com/browse/OCPBUGS-36220  
https://issues.redhat.com/browse/OCPBUGS-36249  
https://issues.redhat.com/browse/OCPBUGS-36286

Red Hat Security Advisory 2024-4316-03

Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild.
Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser

Endpoint Security / Vulnerability

Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild.

Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser over the past month.

The two security shortcomings that have come under exploitation are below -

*   **CVE-2024-38080** (CVSS score: 7.8) - Windows Hyper-V Elevation of Privilege Vulnerability
*   **CVE-2024-38112** (CVSS score: 7.5) - Windows MSHTML Platform Spoofing Vulnerability

"Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment," Microsoft said of CVE-2024-38112. "An attacker would have to send the victim a malicious file that the victim would have to execute."

Check Point security researcher Haifei Li, who has been credited with discovering and reporting the flaw in May 2024, said that threat actors are leveraging specially-crafted Windows Internet Shortcut files (.URL) that, upon clicking, redirects victims to a malicious URL by invoking the retired Internet Explorer (IE) browser.

"An additional trick on IE is used to hide the malicious .HTA extension name," Li explained. "By opening the URL with IE instead of the modern and much more secure Chrome/Edge browser on Windows, the attacker gained significant advantages in exploiting the victim's computer, although the computer is running the modern Windows 10/11 operating system."

"CVE-2024-38080 is an elevation of privilege flaw in Windows Hyper-V," Satnam Narang, senior staff research engineer at Tenable, said. "A local, authenticated attacker could exploit this vulnerability to elevate privileges to SYSTEM level following an initial compromise of a targeted system."

While the exact specifics surrounding the abuse of CVE-2024-38080 is currently unknown, Narang noted that this is the first of the 44 Hyper-V flaws to come under exploitation in the wild since 2022.

Two other security flaws patched by Microsoft have been listed as publicly known at the time of the release. This includes a side-channel attack called FetchBench (CVE-2024-37985, CVSS score: 5.9) that could enable an adversary to view heap memory from a privileged process running on Arm-based systems.

The second publicly disclosed vulnerability in question is CVE-2024-35264 (CVSS score: 8.1), a remote code execution bug impacting .NET and Visual Studio.

"An attacker could exploit this by closing an http/3 stream while the request body is being processed leading to a race condition," Redmond said in an advisory. "This could result in remote code execution."

Also resolved as part of Patch Tuesday updates are 37 remote code execution flaws affecting the SQL Server Native Client OLE DB Provider, 20 Secure Boot security feature bypass vulnerabilities, three PowerShell privilege escalation bugs, and a spoofing vulnerability in the RADIUS protocol (CVE-2024-3596 aka BlastRADIUS).

"\[The SQL Server flaws\] specifically affect the OLE DB Provider, so not only do SQL Server instances need to be updated, but client code running vulnerable versions of the connection driver will also need to be addressed," Rapid7's Lead Product Manager Greg Wiseman said.

"For example, an attacker could use social engineering tactics to dupe an authenticated user into attempting to connect to a SQL Server database configured to return malicious data, allowing arbitrary code execution on the client."

Rounding off the long list of patches is CVE-2024-38021 (CVSS score: 8.8), a remote code execution flaw in Microsoft Office that, if successfully exploited, could permit an attacker to gain high privileges, including read, write, and delete functionality.

Morphisec, which reported the flaw to Microsoft in late April 2024, said the vulnerability does not require any authentication and poses a severe risk due to its zero-click nature.

"Attackers could exploit this vulnerability to gain unauthorized access, execute arbitrary code, and cause substantial damage without any user interaction," Michael Gorelik said. "The absence of authentication requirements makes it particularly dangerous, as it opens the door to widespread exploitation."

The fixes come as Microsoft announced late last month that it will begin issuing CVE identifiers for cloud-related security vulnerabilities going forward in an attempt to improve transparency.

**Software Patches from Other Vendors**

In addition to Microsoft, security updates have also been released by other vendors in the past few weeks to rectify several vulnerabilities, including —

*   Adobe
*   Amazon Web Services
*   AMD
*   Apple
*   Arm
*   Broadcom (including VMware)
*   Cisco
*   Citrix
*   CODESYS
*   D-Link
*   Dell
*   Drupal
*   Emerson
*   F5
*   Fortinet
*   Fortra FileCatalyst Workflow
*   GitLab
*   Google Android
*   Google Chrome
*   Google Cloud
*   Google Pixel
*   Google Wear OS
*   Hitachi Energy
*   HP
*   HP Enterprise
*   IBM
*   Ivanti
*   Jenkins
*   Juniper Networks
*   Lenovo
*   Linux distributions Amazon Linux, Debian, Oracle Linux, Red Hat, Rocky Linux, SUSE, and Ubuntu
*   MediaTek
*   Mitsubishi Electric
*   MongoDB
*   Mozilla Firefox and Firefox ESR
*   NETGEAR
*   NVIDIA
*   OpenSSH
*   Progress Software
*   QNAP
*   Qualcomm
*   Rockwell Automation
*   Samsung
*   SAP
*   Schneider Electric
*   Siemens
*   Splunk
*   Spring Framework
*   TP-Link
*   Veritas
*   WordPress, and
*   Zoom

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited

Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).
The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1

Vulnerability / Network Security

Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).

The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1 and 8.8p1 shipped with Red Hat Enterprise Linux 9.

Security researcher Alexander Peslyak, who goes by the alias Solar Designer, has been credited with discovering and reporting the bug, which was found during a review of CVE-2024-6387 after the latter was disclosed by Qualys earlier this month.

"The main difference from CVE-2024-6387 is that the race condition and RCE potential are triggered in the privsep child process, which runs with reduced privileges compared to the parent server process," Peslyak said.

"So the immediate impact is lower. However, there may be differences in exploitability of these vulnerabilities in a particular scenario, which could make either one of these a more attractive choice for an attacker, and if only one of these is fixed or mitigated then the other becomes more relevant."

However, it's worth noting that the signal handler race condition vulnerability is the same as CVE-2024-6387, wherein if a client does not authenticate within LoginGraceTime seconds (120 by default), then the OpenSSH daemon process' SIGALRM handler is called asynchronously, which then invokes various functions that are not async-signal-safe.

"This issue leaves it vulnerable to a signal handler race condition on the cleanup\_exit() function, which introduces the same vulnerability as CVE-2024-6387 in the unprivileged child of the SSHD server," according to the vulnerability description.

"As a consequence of a successful attack, in the worst case scenario, the attacker may be able to perform a remote code execution (RCE) within unprivileged user running the sshd server."

An active exploit for CVE-2024-6387 has since been detected in the wild, with an unknown threat actor targeting servers primarily located in China.

"The initial vector of this attack originates from the IP address 108.174.58\[.\]28, which was reported to host a directory listing exploit tools and scripts for automating the exploitation of vulnerable SSH servers," Israeli cybersecurity company Veriti said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#red_hat