Red Hat Security Advisory 2024-8929-03 - An update for mod_jk is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include denial of service and information leakage vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8929.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: mod_jk security updateAdvisory ID:        RHSA-2024:8929-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8929Issue date:         2024-11-06Revision:           03CVE Names:          CVE-2024-46544====================================================================Summary: An update for mod_jk is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The mod_jk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine.Security Fix(es):* mod_jk: information Disclosure / DoS (CVE-2024-46544)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-46544References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2314194https://issues.redhat.com/browse/RHEL-65739

Red Hat Security Advisory 2024-8929-03

Red Hat Security Advisory 2024-8928-03 - An update for mod_jk is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include denial of service and information leakage vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8928.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: mod_jk security updateAdvisory ID:        RHSA-2024:8928-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8928Issue date:         2024-11-06Revision:           03CVE Names:          CVE-2024-46544====================================================================Summary: An update for mod_jk is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The mod_jk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine.Security Fix(es):* mod_jk: information Disclosure / DoS (CVE-2024-46544)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-46544References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2314194https://issues.redhat.com/browse/RHEL-65726

Red Hat Security Advisory 2024-8928-03

Red Hat Security Advisory 2024-8922-03 - An update for bzip2 is now available for Red Hat Enterprise Linux 8. Issues addressed include an out of bounds write vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8922.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: bzip2 security updateAdvisory ID:        RHSA-2024:8922-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8922Issue date:         2024-11-06Revision:           03CVE Names:          CVE-2019-12900====================================================================Summary: An update for bzip2 is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fix(es):* bzip2: out-of-bounds write in function BZ2_decompress (CVE-2019-12900)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2019-12900References:https://access.redhat.com/security/updates/classification/#lowhttps://bugzilla.redhat.com/show_bug.cgi?id=1724459

Red Hat Security Advisory 2024-8922-03

Red Hat Security Advisory 2024-8914-03 - An update for libtiff is now available for Red Hat Enterprise Linux 9. Issues addressed include a null pointer vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8914.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libtiff security updateAdvisory ID:        RHSA-2024:8914-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8914Issue date:         2024-11-06Revision:           03CVE Names:          CVE-2024-7006====================================================================Summary: An update for libtiff is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.Security Fix(es):* libtiff: NULL pointer dereference in tif_dirinfo.c (CVE-2024-7006)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-7006References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2302996

Red Hat Security Advisory 2024-8914-03

Red Hat Security Advisory 2024-8906-03 - A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Issues addressed include bypass, denial of service, memory leak, remote SQL injection, and traversal vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8906.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Critical: Satellite 6.16.0 release  
Advisory ID:        RHSA-2024:8906-03  
Product:            Red Hat Satellite 6  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8906  
Issue date:         2024-11-06  
Revision:           03  
CVE Names:          CVE-2024-4067  
====================================================================

Summary: 

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9.

Red Hat Product Security has rated this update as having a security impact  
of  Critical. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

Description:

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

Security Fix(es):

* mosquitto: sending specific sequences of packets may trigger memory leak  
(CVE-2024-8376)  
* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)  
urllib3: proxy-authorization request header is not stripped during cross-origin redirects (CVE-2024-37891)  
* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)  
* python-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)   
* python-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)  
* python-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)  
* python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)  
* github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp (CVE-2024-5569)  
* puppet-foreman: An authentication bypass vulnerability exists in Foreman (CVE-2024-7012)  
* python-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)  
* grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)  
* puppet-pulpcore: An authentication bypass vulnerability exists in pulpcore (CVE-2024-7923)  
* foreman: Read-only access to entire DB from templates (CVE-2024-8553)

Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

Solution:

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.16/html/updating_red_hat_satellite/index

CVEs:

CVE-2024-4067

References:

https://access.redhat.com/security/updates/classification/#critical  
https://bugzilla.redhat.com/show_bug.cgi?id=2280601  
https://bugzilla.redhat.com/show_bug.cgi?id=2292788  
https://bugzilla.redhat.com/show_bug.cgi?id=2293200  
https://bugzilla.redhat.com/show_bug.cgi?id=2295935  
https://bugzilla.redhat.com/show_bug.cgi?id=2295936  
https://bugzilla.redhat.com/show_bug.cgi?id=2295937  
https://bugzilla.redhat.com/show_bug.cgi?id=2295938  
https://bugzilla.redhat.com/show_bug.cgi?id=2296413  
https://bugzilla.redhat.com/show_bug.cgi?id=2299429  
https://bugzilla.redhat.com/show_bug.cgi?id=2302436  
https://bugzilla.redhat.com/show_bug.cgi?id=2305718  
https://bugzilla.redhat.com/show_bug.cgi?id=2312524  
https://bugzilla.redhat.com/show_bug.cgi?id=2318080  
https://issues.redhat.com/browse/SAT-12847  
https://issues.redhat.com/browse/SAT-15089  
https://issues.redhat.com/browse/SAT-15466  
https://issues.redhat.com/browse/SAT-15467  
https://issues.redhat.com/browse/SAT-15549  
https://issues.redhat.com/browse/SAT-16224  
https://issues.redhat.com/browse/SAT-16247  
https://issues.redhat.com/browse/SAT-16381  
https://issues.redhat.com/browse/SAT-16537  
https://issues.redhat.com/browse/SAT-16593  
https://issues.redhat.com/browse/SAT-17442  
https://issues.redhat.com/browse/SAT-17443  
https://issues.redhat.com/browse/SAT-17785  
https://issues.redhat.com/browse/SAT-18093  
https://issues.redhat.com/browse/SAT-18270  
https://issues.redhat.com/browse/SAT-18327  
https://issues.redhat.com/browse/SAT-18410  
https://issues.redhat.com/browse/SAT-18461  
https://issues.redhat.com/browse/SAT-18568  
https://issues.redhat.com/browse/SAT-18610  
https://issues.redhat.com/browse/SAT-18705  
https://issues.redhat.com/browse/SAT-18721  
https://issues.redhat.com/browse/SAT-18859  
https://issues.redhat.com/browse/SAT-18993  
https://issues.redhat.com/browse/SAT-19018  
https://issues.redhat.com/browse/SAT-19269  
https://issues.redhat.com/browse/SAT-19342  
https://issues.redhat.com/browse/SAT-19389  
https://issues.redhat.com/browse/SAT-19394  
https://issues.redhat.com/browse/SAT-19501  
https://issues.redhat.com/browse/SAT-19502  
https://issues.redhat.com/browse/SAT-19504  
https://issues.redhat.com/browse/SAT-19511  
https://issues.redhat.com/browse/SAT-19592  
https://issues.redhat.com/browse/SAT-19614  
https://issues.redhat.com/browse/SAT-19621  
https://issues.redhat.com/browse/SAT-19748  
https://issues.redhat.com/browse/SAT-19789  
https://issues.redhat.com/browse/SAT-19922  
https://issues.redhat.com/browse/SAT-19993  
https://issues.redhat.com/browse/SAT-19999  
https://issues.redhat.com/browse/SAT-20099  
https://issues.redhat.com/browse/SAT-20361  
https://issues.redhat.com/browse/SAT-20445  
https://issues.redhat.com/browse/SAT-20553  
https://issues.redhat.com/browse/SAT-21261  
https://issues.redhat.com/browse/SAT-21266  
https://issues.redhat.com/browse/SAT-21268  
https://issues.redhat.com/browse/SAT-21273  
https://issues.redhat.com/browse/SAT-21353  
https://issues.redhat.com/browse/SAT-21374  
https://issues.redhat.com/browse/SAT-21375  
https://issues.redhat.com/browse/SAT-21395  
https://issues.redhat.com/browse/SAT-21396  
https://issues.redhat.com/browse/SAT-21421  
https://issues.redhat.com/browse/SAT-21463  
https://issues.redhat.com/browse/SAT-21682  
https://issues.redhat.com/browse/SAT-21757  
https://issues.redhat.com/browse/SAT-21920  
https://issues.redhat.com/browse/SAT-21994  
https://issues.redhat.com/browse/SAT-22047  
https://issues.redhat.com/browse/SAT-22048  
https://issues.redhat.com/browse/SAT-22156  
https://issues.redhat.com/browse/SAT-22172  
https://issues.redhat.com/browse/SAT-22358  
https://issues.redhat.com/browse/SAT-22442  
https://issues.redhat.com/browse/SAT-22491  
https://issues.redhat.com/browse/SAT-22554  
https://issues.redhat.com/browse/SAT-22579  
https://issues.redhat.com/browse/SAT-22626  
https://issues.redhat.com/browse/SAT-22849  
https://issues.redhat.com/browse/SAT-22872  
https://issues.redhat.com/browse/SAT-22889  
https://issues.redhat.com/browse/SAT-22900  
https://issues.redhat.com/browse/SAT-23047  
https://issues.redhat.com/browse/SAT-23077  
https://issues.redhat.com/browse/SAT-23093  
https://issues.redhat.com/browse/SAT-23096  
https://issues.redhat.com/browse/SAT-23109  
https://issues.redhat.com/browse/SAT-23124  
https://issues.redhat.com/browse/SAT-23167  
https://issues.redhat.com/browse/SAT-23211  
https://issues.redhat.com/browse/SAT-23228  
https://issues.redhat.com/browse/SAT-23279  
https://issues.redhat.com/browse/SAT-23288  
https://issues.redhat.com/browse/SAT-23302  
https://issues.redhat.com/browse/SAT-23335  
https://issues.redhat.com/browse/SAT-23405  
https://issues.redhat.com/browse/SAT-23407  
https://issues.redhat.com/browse/SAT-23424  
https://issues.redhat.com/browse/SAT-23426  
https://issues.redhat.com/browse/SAT-23487  
https://issues.redhat.com/browse/SAT-23505  
https://issues.redhat.com/browse/SAT-23544  
https://issues.redhat.com/browse/SAT-23573  
https://issues.redhat.com/browse/SAT-23592  
https://issues.redhat.com/browse/SAT-23610  
https://issues.redhat.com/browse/SAT-23752  
https://issues.redhat.com/browse/SAT-23841  
https://issues.redhat.com/browse/SAT-23894  
https://issues.redhat.com/browse/SAT-23943  
https://issues.redhat.com/browse/SAT-23947  
https://issues.redhat.com/browse/SAT-23951  
https://issues.redhat.com/browse/SAT-23954  
https://issues.redhat.com/browse/SAT-23957  
https://issues.redhat.com/browse/SAT-23990  
https://issues.redhat.com/browse/SAT-23992  
https://issues.redhat.com/browse/SAT-24050  
https://issues.redhat.com/browse/SAT-24064  
https://issues.redhat.com/browse/SAT-24073  
https://issues.redhat.com/browse/SAT-24111  
https://issues.redhat.com/browse/SAT-24132  
https://issues.redhat.com/browse/SAT-24197  
https://issues.redhat.com/browse/SAT-24470  
https://issues.redhat.com/browse/SAT-24478  
https://issues.redhat.com/browse/SAT-24479  
https://issues.redhat.com/browse/SAT-24489  
https://issues.redhat.com/browse/SAT-24521  
https://issues.redhat.com/browse/SAT-24526  
https://issues.redhat.com/browse/SAT-24531  
https://issues.redhat.com/browse/SAT-24545  
https://issues.redhat.com/browse/SAT-24548  
https://issues.redhat.com/browse/SAT-24577  
https://issues.redhat.com/browse/SAT-24600  
https://issues.redhat.com/browse/SAT-24769  
https://issues.redhat.com/browse/SAT-24771  
https://issues.redhat.com/browse/SAT-24774  
https://issues.redhat.com/browse/SAT-24779  
https://issues.redhat.com/browse/SAT-24781  
https://issues.redhat.com/browse/SAT-24786  
https://issues.redhat.com/browse/SAT-24787  
https://issues.redhat.com/browse/SAT-24801  
https://issues.redhat.com/browse/SAT-24805  
https://issues.redhat.com/browse/SAT-24837  
https://issues.redhat.com/browse/SAT-24854  
https://issues.redhat.com/browse/SAT-24878  
https://issues.redhat.com/browse/SAT-24884  
https://issues.redhat.com/browse/SAT-24893  
https://issues.redhat.com/browse/SAT-24917  
https://issues.redhat.com/browse/SAT-24918  
https://issues.redhat.com/browse/SAT-24919  
https://issues.redhat.com/browse/SAT-24920  
https://issues.redhat.com/browse/SAT-24932  
https://issues.redhat.com/browse/SAT-24936  
https://issues.redhat.com/browse/SAT-24943  
https://issues.redhat.com/browse/SAT-24988  
https://issues.redhat.com/browse/SAT-25032  
https://issues.redhat.com/browse/SAT-25129  
https://issues.redhat.com/browse/SAT-25152  
https://issues.redhat.com/browse/SAT-25155  
https://issues.redhat.com/browse/SAT-25159  
https://issues.redhat.com/browse/SAT-25160  
https://issues.redhat.com/browse/SAT-25194  
https://issues.redhat.com/browse/SAT-25213  
https://issues.redhat.com/browse/SAT-25217  
https://issues.redhat.com/browse/SAT-25243  
https://issues.redhat.com/browse/SAT-25250  
https://issues.redhat.com/browse/SAT-25328  
https://issues.redhat.com/browse/SAT-25368  
https://issues.redhat.com/browse/SAT-25429  
https://issues.redhat.com/browse/SAT-25437  
https://issues.redhat.com/browse/SAT-25455  
https://issues.redhat.com/browse/SAT-25467  
https://issues.redhat.com/browse/SAT-25503  
https://issues.redhat.com/browse/SAT-25569  
https://issues.redhat.com/browse/SAT-25583  
https://issues.redhat.com/browse/SAT-25655  
https://issues.redhat.com/browse/SAT-25658  
https://issues.redhat.com/browse/SAT-25678  
https://issues.redhat.com/browse/SAT-25713  
https://issues.redhat.com/browse/SAT-25774  
https://issues.redhat.com/browse/SAT-25789  
https://issues.redhat.com/browse/SAT-25795  
https://issues.redhat.com/browse/SAT-25813  
https://issues.redhat.com/browse/SAT-25869  
https://issues.redhat.com/browse/SAT-25936  
https://issues.redhat.com/browse/SAT-25946  
https://issues.redhat.com/browse/SAT-26012  
https://issues.redhat.com/browse/SAT-26031  
https://issues.redhat.com/browse/SAT-26040  
https://issues.redhat.com/browse/SAT-26064  
https://issues.redhat.com/browse/SAT-26078  
https://issues.redhat.com/browse/SAT-26084  
https://issues.redhat.com/browse/SAT-26105  
https://issues.redhat.com/browse/SAT-26202  
https://issues.redhat.com/browse/SAT-26242  
https://issues.redhat.com/browse/SAT-26269  
https://issues.redhat.com/browse/SAT-26397  
https://issues.redhat.com/browse/SAT-26417  
https://issues.redhat.com/browse/SAT-26493  
https://issues.redhat.com/browse/SAT-26563  
https://issues.redhat.com/browse/SAT-26588  
https://issues.redhat.com/browse/SAT-26758  
https://issues.redhat.com/browse/SAT-26762  
https://issues.redhat.com/browse/SAT-26767  
https://issues.redhat.com/browse/SAT-26834  
https://issues.redhat.com/browse/SAT-26835  
https://issues.redhat.com/browse/SAT-26837  
https://issues.redhat.com/browse/SAT-26901  
https://issues.redhat.com/browse/SAT-26967  
https://issues.redhat.com/browse/SAT-27144  
https://issues.redhat.com/browse/SAT-27182  
https://issues.redhat.com/browse/SAT-27211  
https://issues.redhat.com/browse/SAT-27276  
https://issues.redhat.com/browse/SAT-27384  
https://issues.redhat.com/browse/SAT-27401  
https://issues.redhat.com/browse/SAT-27411  
https://issues.redhat.com/browse/SAT-27485  
https://issues.redhat.com/browse/SAT-27506  
https://issues.redhat.com/browse/SAT-27512  
https://issues.redhat.com/browse/SAT-27569  
https://issues.redhat.com/browse/SAT-27593  
https://issues.redhat.com/browse/SAT-27595  
https://issues.redhat.com/browse/SAT-27604  
https://issues.redhat.com/browse/SAT-27622  
https://issues.redhat.com/browse/SAT-27676  
https://issues.redhat.com/browse/SAT-27677  
https://issues.redhat.com/browse/SAT-27702  
https://issues.redhat.com/browse/SAT-27752  
https://issues.redhat.com/browse/SAT-27778  
https://issues.redhat.com/browse/SAT-27779  
https://issues.redhat.com/browse/SAT-27814  
https://issues.redhat.com/browse/SAT-27830  
https://issues.redhat.com/browse/SAT-27834  
https://issues.redhat.com/browse/SAT-27836  
https://issues.redhat.com/browse/SAT-27891  
https://issues.redhat.com/browse/SAT-27900  
https://issues.redhat.com/browse/SAT-27901  
https://issues.redhat.com/browse/SAT-27940  
https://issues.redhat.com/browse/SAT-27943  
https://issues.redhat.com/browse/SAT-27981  
https://issues.redhat.com/browse/SAT-28012  
https://issues.redhat.com/browse/SAT-28046  
https://issues.redhat.com/browse/SAT-28048  
https://issues.redhat.com/browse/SAT-28162  
https://issues.redhat.com/browse/SAT-28269  
https://issues.redhat.com/browse/SAT-28275  
https://issues.redhat.com/browse/SAT-28336  
https://issues.redhat.com/browse/SAT-28361  
https://issues.redhat.com/browse/SAT-28362  
https://issues.redhat.com/browse/SAT-28367  
https://issues.redhat.com/browse/SAT-28394  
https://issues.redhat.com/browse/SAT-28435  
https://issues.redhat.com/browse/SAT-28467  
https://issues.redhat.com/browse/SAT-28667  
https://issues.redhat.com/browse/SAT-7770  
https://issues.redhat.com/browse/SAT-8076

Red Hat Security Advisory 2024-8906-03

Red Hat Security Advisory 2024-8686-03 - Red Hat OpenShift Container Platform release 4.16.20 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8686.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: OpenShift Container Platform 4.16.20 packages and security update  
Advisory ID:        RHSA-2024:8686-03  
Product:            Red Hat OpenShift Enterprise  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8686  
Issue date:         2024-11-06  
Revision:           03  
CVE Names:          CVE-2024-9675  
====================================================================

Summary: 

Red Hat OpenShift Container Platform release 4.16.20 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.16.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.16.20. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2024:8683

Security Fix(es):

* buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)  
* Podman: Buildah: CRI-O: symlink traversal vulnerability in the  
containers/storage library can cause Denial of Service (DoS)  
(CVE-2024-9676)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.16/updating/updating_a_cluster/updating-cluster-cli.html

Solution:

https://docs.openshift.com/container-platform/4.16/release_notes/ocp-4-16-release-notes.html

CVEs:

CVE-2024-9675

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2317458  
https://bugzilla.redhat.com/show_bug.cgi?id=2317467

Red Hat Security Advisory 2024-8686-03

Red Hat Security Advisory 2024-8683-03 - Red Hat OpenShift Container Platform release 4.16.20 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a cross site scripting vulnerability.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8683.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: OpenShift Container Platform 4.16.20 bug fix and security update  
Advisory ID:        RHSA-2024:8683-03  
Product:            Red Hat OpenShift Enterprise  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8683  
Issue date:         2024-11-06  
Revision:           03  
CVE Names:          CVE-2024-47875  
====================================================================

Summary: 

Red Hat OpenShift Container Platform release 4.16.20 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.16.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.16.20. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHSA-2024:8686

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.16/release_notes/ocp-4-16-release-notes.html

Security Fix(es):

* dompurify: nesting-based mutation XSS vulnerability (CVE-2024-47875)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.16 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.16/updating/updating_a_cluster/updating-cluster-cli.html

Solution:

CVEs:

CVE-2024-47875

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2318052  
https://issues.redhat.com/browse/OCPBUGS-31546  
https://issues.redhat.com/browse/OCPBUGS-35204  
https://issues.redhat.com/browse/OCPBUGS-42109  
https://issues.redhat.com/browse/OCPBUGS-42744  
https://issues.redhat.com/browse/OCPBUGS-43315  
https://issues.redhat.com/browse/OCPBUGS-43367  
https://issues.redhat.com/browse/OCPBUGS-43645  
https://issues.redhat.com/browse/OCPBUGS-43727  
https://issues.redhat.com/browse/OCPBUGS-43797  
https://issues.redhat.com/browse/OCPBUGS-43826  
https://issues.redhat.com/browse/OCPBUGS-43840

Red Hat Security Advisory 2024-8683-03

Global Blockchain Scams Surge on BASE and Across Networks, Trugard Labs Reports.

Trugard Labs has revealed a series of major threats plaguing blockchain networks, particularly in emerging and fast-growing chains like BASE, Coinbase’s Layer 2 solution. With the release of their September findings from the Xcalibur source code detection suite, Trugard draws attention to the latest scams exploiting users on BASE, Ethereum, BSC, and Polygon networks.

The rise in politically themed meme coin scams, multi-chain vulnerabilities, and BASE’s appeal to scammers point to a troubling pattern across decentralized finance (DeFi) networks.

****BASE: A Rising Ground for Scammers****

As BASE gains popularity for its low fees, scalability, and **backing by Coinbase**, it’s attracting both legitimate users and bad actors. Much like the early days of Binance Smart Chain (BSC), BASE’s rapid growth has turned it into a hotspot for scams, thanks to its easy and affordable setup.

Trugard’s **report** warns that scammers are taking advantage of BASE’s low fees and simple token setup, making it easy for them to launch frequent, low-cost attacks. Scams range from classic “rug pulls” to politically themed meme coins, which are currently surging in popularity and exploiting investor interest during election season.

****The Top Threats Identified by Trugard’s Xcalibur Suite****

Trugard Labs identified five high-severity vulnerabilities frequently affecting multiple blockchain networks. The first vulnerability, Hidden Mint (Controlled Mint), involves manipulative contracts that allow unauthorized minting, inflating token supply and devaluing assets. This issue was particularly widespread on BSC, Base, and Ethereum, with each network experiencing hundreds of incidents.

The second vulnerability, Hidden Balance Update, lets scammers make unauthorized balance adjustments, exposing token holdings to hidden manipulation. This issue hit BSC and Base chains hard, pointing to a clear need for stronger balance update controls.

Another major risk, Malicious Boolean Checks; a **smart contracts flaw** that enables scammers to halt token transfers or approvals—was especially common on Ethereum, where unauthorized transactions create a heightened risk for token holders.

Another critical vulnerability, Digital Signature/Import Tampering, allows entities to control unapproved token burns, with Base showing the highest susceptibility. Malicious Burn Functions, allowing unchecked token destruction, also surfaced frequently on Ethereum, adding further concerns for investor security.

Example of an X account and a malicious website involved in scams reported by Trugard Labs.

****Political Meme Coin Scams****

September 2024 saw a series of politically themed meme coin scams. Tokens like “Trump Vs Harris” and “Trump2024” weren’t just cashing in on political sentiment; they’re designed to generate quick profits for their creators, often leaving investors with worthless tokens.

Trugard Labs’ Xcalibur suite flagged these tokens for serious issues, such as hidden balance updates, reentrancy risks, and faulty transfer functions. These scams play on investors’ political or ideological leanings, creating a sense of urgency to buy in, only for scammers to pull out as prices rise.

Among the tokens flagged:

*   **Trump Vs Harris** was identified on BASE for hidden minting and malicious checks, among other vulnerabilities.
*   **DarkMaga** on Ethereum contained uninitialized variables and hidden balance updates, enabling unapproved transfers.
*   **Trump2024** on Ethereum showed signs of manipulative code and reentrancy exploits.

According to researchers, BASE is following a path similar to that of Binance Smart Chain (BSC) in its early days. With low fees and an easy setup, BSC became a lucrative target for cybercriminals pulling off rug pulls and pump-and-dump schemes.

BASE now faces similar problems, prompted by social media hype and anonymous developers launching unverified projects. Trugard’s report highlights the influx of cloned projects and meme coins on BASE—a tactic scammers use to mislead investors by **copying branding** from popular projects.

This increase in scams on BASE and other networks is a reputational threat to Web3 projects. It risks turning away new users and preventing credible developers. However, tools like Trugard Labs’ Xcalibur suite and others can help control these threats by providing early warning signs for malicious contracts.

In the meantime, users should exercise caution and apply common sense to protect against the growing number of scams, especially with new tokens promising quick returns. Trugard’s findings serve as a reminder that DeFi is not immune to cybersecurity threats, urging the **blockchain community** to prioritize security alongside growth in this vibrant space.

1.  **Fake Domains Trick Trump Supporters in Trading Card Scam**
2.  **Fake Trump’s scandal video campaign spreading QNode RAT**
3.  **NKAbuse Linux Malware Uses Blockchain Technology to Spread**
4.  **Lazarus Hits Blockchain Pros with Fake Video Conferencing Scam**
5.  **Phishing Attack Steals Donations from Trump Voters Via Fake Sites**

Scammers Target BASE and Ethereum with Political Meme Coins and Rug Pulls

UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function.

The vulnerability allows attackers to perform XSS in SVG file extension, which can be used to stealing cookies.

**Exploitability Metrics**

Attack Vector: This metric reflects the context by which vulnerability exploitation is possible. This metric value (and consequently the resulting severity) will be larger the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable system. The assumption is that the number of potential attackers for a vulnerability that could be exploited from across a network is larger than the number of potential attackers that could exploit a vulnerability requiring physical access to a device, and therefore warrants a greater severity.

Attack Complexity: This metric captures measurable actions that must be taken by the attacker to actively evade or circumvent existing built-in security-enhancing conditions in order to obtain a working exploit. These are conditions whose primary purpose is to increase security and/or increase exploit engineering complexity. A vulnerability exploitable without a target-specific variable has a lower complexity than a vulnerability that would require non-trivial customization. This metric is meant to capture security mechanisms utilized by the vulnerable system.

Attack Requirements: This metric captures the prerequisite deployment and execution conditions or variables of the vulnerable system that enable the attack. These differ from security-enhancing techniques/technologies (ref Attack Complexity) as the primary purpose of these conditions is not to explicitly mitigate attacks, but rather, emerge naturally as a consequence of the deployment and execution of the vulnerable system.

Privileges Required: This metric describes the level of privileges an attacker must possess prior to successfully exploiting the vulnerability. The method by which the attacker obtains privileged credentials prior to the attack (e.g., free trial accounts), is outside the scope of this metric. Generally, self-service provisioned accounts do not constitute a privilege requirement if the attacker can grant themselves privileges as part of the attack.

User interaction: This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable system. This metric determines whether the vulnerability can be exploited solely at the will of the attacker, or whether a separate user (or user-initiated process) must participate in some manner.

**Vulnerable System Impact Metrics**

Confidentiality: This metric measures the impact to the confidentiality of the information managed by the VULNERABLE SYSTEM due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.

Integrity: This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. Integrity of the VULNERABLE SYSTEM is impacted when an attacker makes unauthorized modification of system data. Integrity is also impacted when a system user can repudiate critical actions taken in the context of the system (e.g. due to insufficient logging).

Availability: This metric measures the impact to the availability of the VULNERABLE SYSTEM resulting from a successfully exploited vulnerability. While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the system, this metric refers to the loss of availability of the impacted system itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of a system.

**Subsequent System Impact Metrics**

Confidentiality: This metric measures the impact to the confidentiality of the information managed by the SUBSEQUENT SYSTEM due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.

Integrity: This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. Integrity of the SUBSEQUENT SYSTEM is impacted when an attacker makes unauthorized modification of system data. Integrity is also impacted when a system user can repudiate critical actions taken in the context of the system (e.g. due to insufficient logging).

Availability: This metric measures the impact to the availability of the SUBSEQUENT SYSTEM resulting from a successfully exploited vulnerability. While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the system, this metric refers to the loss of availability of the impacted system itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of a system.

GHSA-hv6m-qj65-26q3: UnoPim Cross-site Scripting vulnerability

Ubuntu Security Notice 7092-1 - It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-7092-1  
November 05, 2024

mpg123 vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

mpg123 could be made to crash or run programs as your login if it opened a  
specially crafted file.

Software Description:  
- mpg123: MPEG layer 1/2/3 audio player

Details:

It was discovered that mpg123 incorrectly handled certain mp3 files. If a  
user or automated system were tricked into opening a specially crafted mp3  
file, a remote attacker could use this issue to cause mpg123 to crash,  
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  libmpg123-0t64                  1.32.7-1ubuntu0.1  
  mpg123                          1.32.7-1ubuntu0.1

Ubuntu 24.04 LTS  
  libmpg123-0t64                  1.32.5-1ubuntu1.1  
  mpg123                          1.32.5-1ubuntu1.1

Ubuntu 22.04 LTS  
  libmpg123-0                     1.29.3-1ubuntu0.1  
  mpg123                          1.29.3-1ubuntu0.1

Ubuntu 20.04 LTS  
  libmpg123-0                     1.25.13-1ubuntu0.1  
  mpg123                          1.25.13-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7092-1  
  CVE-2024-10573

Package Information:  
  https://launchpad.net/ubuntu/+source/mpg123/1.32.7-1ubuntu0.1  
  https://launchpad.net/ubuntu/+source/mpg123/1.32.5-1ubuntu1.1  
  https://launchpad.net/ubuntu/+source/mpg123/1.29.3-1ubuntu0.1  
  https://launchpad.net/ubuntu/+source/mpg123/1.25.13-1ubuntu0.1

Tag

#vulnerability