#vulnerability

Ubuntu Security Notice 7092-2 - USN-7092-1 fixed a vulnerability in mpg123. Bastien Roucariès discovered that the fix was incomplete on Ubuntu 20.04 LTS. This update fixes the problem. It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2024-8704-03 - Kube Descheduler Operator for Red Hat OpenShift 5.0.2 for RHEL 9.

Red Hat Security Advisory 2024-10704-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

Red Hat Security Advisory 2024-10702-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

Red Hat Security Advisory 2024-10677-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-10667-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.

Red Hat Security Advisory 2024-10666-03 - An update for the gimp:2.8.22 module is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include a buffer overflow vulnerability.

Nvidia GeForce version 11.0.1.163 suffers from an unquoted service path vulnerability.

With cybersecurity talent hard to come by and companies increasingly looking for guidance and best practices, virtual and fractional chief information security officers can make a lot of sense.

### Impact An off-path attacker can inject an ICMP Packet Too Large packet. Since affected quic-go versions used `IP_PMTUDISC_DO`, the kernel would then return a "message too large" error on `sendmsg`, i.e. when quic-go attempts to send a packet that exceeds the MTU claimed in that ICMP packet. By setting this value to smaller than 1200 bytes (the minimum MTU for QUIC), the attacker can disrupt a QUIC connection. Crucially, this can be done after completion of the handshake, thereby circumventing any TCP fallback that might be implemented on the application layer (for example, many browsers fall back to HTTP over TCP if they're unable to establish a QUIC connection). As far as I understand, the kernel tracks the MTU per 4-tuple, so the attacker needs to at least know the client's IP and port tuple to mount an attack (assuming that it knows the server's IP and port). ### Patches The fix is easy: Use `IP_PMTUDISC_PROBE` instead of `IP_PMTUDISC_DO`. This socket option only sets the D...