Ubuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-7125-1  
November 25, 2024

rapidjson vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS

Summary:

RapidJSON could be made to crash or run programs as your login if it  
opened a specially crafted file.

Software Description:  
- rapidjson: A fast JSON parser/generator for C++

Details:

It was discovered that RapidJSON incorrectly parsed numbers written in  
scientific notation, leading to an integer underflow. An attacker could  
possibly use this issue to cause a denial of service, or execute arbitrary  
code.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  rapidjson-dev                   1.1.0+dfsg2-7.3ubuntu0.1

Ubuntu 24.04 LTS  
  rapidjson-dev                   1.1.0+dfsg2-7.2ubuntu0.1~esm1  
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS  
  rapidjson-dev                   1.1.0+dfsg2-7ubuntu0.1~esm1  
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS  
  rapidjson-dev                   1.1.0+dfsg2-5ubuntu1+esm1  
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS  
  rapidjson-dev                   1.1.0+dfsg2-3ubuntu0.1~esm1  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  rapidjson-dev                   0.12~git20141031-3ubuntu0.1~esm1  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7125-1  
  CVE-2024-38517

Package Information:

https://launchpad.net/ubuntu/+source/rapidjson/1.1.0+dfsg2-7.3ubuntu0.1

Ubuntu Security Notice USN-7125-1

Ubuntu Security Notice 6988-2 - USN-6988-1 fixedCVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS.

==========================================================================  
Ubuntu Security Notice USN-6988-2  
November 26, 2024

twisted vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS

Summary:

Twisted could allow unintended access to information over the network.

Software Description:  
- twisted: Event-based framework for internet applications

Details:

USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that  
previous releases were unaffected. This update provides the equivalent fix  
for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS.

Original advisory details:

 Ben Kallus discovered that Twisted incorrectly handled response order when  
 processing multiple HTTP requests. A remote attacker could possibly use  
 this issue to delay and manipulate responses.  
 This issue only affected Ubuntu 24.04 LTS. (CVE-2024-41671)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS  
  python3-twisted                 22.1.0-2ubuntu2.6

Ubuntu 20.04 LTS  
  python3-twisted                 18.9.0-11ubuntu0.20.04.5

Ubuntu 18.04 LTS  
  python-twisted                  17.9.0-2ubuntu0.3+esm2  
                                  Available with Ubuntu Pro  
  python3-twisted                 17.9.0-2ubuntu0.3+esm2  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-6988-2  
  https://ubuntu.com/security/notices/USN-6988-1  
  CVE-2024-41671

Package Information:  
  https://launchpad.net/ubuntu/+source/twisted/22.1.0-2ubuntu2.6  
https://launchpad.net/ubuntu/+source/twisted/18.9.0-11ubuntu0.20.04.5

Ubuntu Security Notice USN-6988-2

Ubuntu Security Notice 7129-1 - It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-7129-1November 26, 2024TinyGLTF vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:TinyGLTF could be made to crash or run programs as your login if itreceived specially crafted input.Software Description:- tinygltf: glTF loader and saver libraryDetails:It was discovered that TinyGLTF performed file path expansion in aninsecure way on certain inputs. An attacker could possibly use thisissue to cause a denial of service, or execute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTSlibtinygltf-dev 2.5.0+dfsg-4ubuntu0.1libtinygltf1d 2.5.0+dfsg-4ubuntu0.1In general, a standard system update will make all the necessary changes.References:https://ubuntu.com/security/notices/USN-7129-1CVE-2022-3008Package Information:https://launchpad.net/ubuntu/+source/tinygltf/2.5.0+dfsg-4ubuntu0.1

Ubuntu Security Notice USN-7129-1

Ubuntu Security Notice 7128-1 - Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-7128-1November 26, 2024pygments vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Pygments could be made to crash if it received specially crafted input.Software Description:- pygments: Generic syntax highlighterDetails:Sebastian Chnelik discovered that Pygments had an inefficient regex queryfor analyzing certain inputs. An attacker could possibly use this issue tocause a denial of service.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  python3-pygments                2.11.2+dfsg-2ubuntu0.1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-7128-1  CVE-2022-40896Package Information:https://launchpad.net/ubuntu/+source/pygments/2.11.2+dfsg-2ubuntu0.1

Ubuntu Security Notice USN-7128-1

The lessons I've learned soaring through the skies have extended far beyond the runway.

Source: Stanislav Duben via Alamy Stock Photo

COMMENTARY

As a child, airplanes fascinated me — I was taken by their gravity-defying magic, their technical wonders, their sleek designs, and the adventures they unlocked. I dreamed of flying one myself.

Although I pursued a career in cybersecurity, flying always inspired me — so I chased my lifelong dream of becoming a licensed pilot. I continue to fly light aircraft in the little spare time I get alongside my role as the CEO of a leading cyber-risk management company. 

**Always Have Backup**

A recent experience prompted me to think more closely about the interplay between my two passions. 

Not long ago, I completed an advanced course for pilots of two-engine planes. Previously, I had only flown planes with one engine, which is a risk: If the engine malfunctions, you're in big trouble. 

In the final training session, we practiced different responses in the event of an engine breaking down. As our instructor walked us through different tactics, one thought went through my mind: the critical need for a "defense in depth" approach to security. Just as the smooth functioning of an airplane relies on multiple mechanisms supporting one another, a modern cybersecurity platform also leverages numerous defensive techniques, so that if a threat slips through one layer, it will be caught by another. 

That was when I realized: While aviation and cybersecurity may appear as far apart as the heavens and earth, the skills I've learned from flying have profoundly influenced my career.  

**Know Your Environment**

Even at the beginning of my career, as a junior systems analyst and IT team manager, I understood that an organization's cybersecurity posture is much broader than any single tool or platform. Effective cybersecurity requires a thorough understanding of the operating environment and all the tools therein. Before an organization can identify vulnerabilities and secure itself against attacks, it needs a complete understanding of its internal and external assets, digital surfaces, devices, brand assets, and more. 

Likewise, becoming a pilot not only required me to master the practical skills of navigating an aircraft through various conditions but also necessitated a deep understanding of the equipment on board. Flying without a confident grasp of my instruments or expected flight environment is like playing Russian roulette: potentially fine … or lethal. 

In cybersecurity, just as in aviation, one can never be passive. Full visibility into a technology environment is required to be able to manage risks, quickly adjust course, identify and communicate issues, and fix those issues under pressure. 

**Continuous Learning and Testing**

In the modern cybersecurity landscape, threats are always evolving, and hackers are constantly honing their skills. That’s why I ensure my company continuously tests its defenses and my employees constantly learn new skills to keep pace with the rapidly changing threat landscape. 

During a recent performance review with one of my direct reports, the employee suggested that some of our threat simulations and training sessions were so time-consuming that they prevented his team from carrying out other deliverables. I acknowledged that learning and testing take up a lot of time, but doubled down on the importance of learning from past incidents to understand future threats and tactics. A cybersecurity company that prioritizes this will serve its customers better in the long run, even if it means a routine report or product update will be slightly delayed. 

**Muscle Memory and Task Execution**

A little-known insight into a pilot's mindset: When landing my aircraft, I barely think about what I am doing. That's because I have practiced and repeated the same maneuver hundreds of times, making complex tasks feel like second nature. 

It's just as vital to develop this sort of muscle memory among security professionals. Security teams should regularly practice routine protocols for any scenario. Conducting tabletop exercises and attack simulation drills allows teams to react quickly and effectively when a real threat emerges. 

By promoting constant preparedness, I aim to ensure that my teams can execute the best course of action without hesitation, even in high-pressure situations.

**Small Issues Become Big Ones**

After flying for a few years, I felt like I'd finally memorized the dozens of separate tasks that form part of a pre-flight checklist. In reality, I'd started to prioritize — I knew that I'd always have to check whether there was enough fuel in the tank to complete the journey, but making sure each seatbelt on the plane was fastened correctly seemed secondary. 

One time, I experienced a particularly bumpy landing. I asked a fellow pilot why that might have occurred, and he suggested checking the air pressure in the tires. I took a look and realized that I'd completely forgotten to check the tires before the flight. A tire low on air won't cause the plane to fall from the sky, but landing on a flat tire can be extremely dangerous. If a flat tire hits the runway, it could burst and send the plane swerving. Incidents like this can easily be avoided — by running through the correct procedures to identify any small issue before it becomes a big one. 

In cybersecurity, small vulnerabilities in a system can easily be overlooked and are therefore ripe for exploitation. In short, cybersecurity is not just about responding to attacks — it's about mitigating risks before they can cause damage. By implementing best practices and checklist procedures, security teams can do just that.  

**The Sky's the Limit**

The lessons I've learned soaring through the skies have extended far beyond the runway. 

Learning from my mistakes and internalizing the discipline it takes to be a pilot have allowed me not only to lead my company with clarity and resilience; it also has provided me with a new perspective on the ever-evolving landscape of cybersecurity. Incorporating these lessons into the flight plan of my professional life has helped foster a culture of continuous improvement at our workplace, which ultimately has helped our customers. 

**About the Author**

CEO, Cyberint

Yochai Corem is the CEO of Cyberint, a leading external cyber-risk management provider that supports hundreds of organizations around the globe in understanding and managing their threat exposure. 

Yochai is a seasoned executive and strategic cybersecurity leader and innovator, with more than 25 years of experience in driving business success for cyber security companies. 

Prior to Cyberint, Yochai held multiple executive positions at CYE, Cyberbit, 3i-Mind, and Verint in the areas of sales, product strategy and services. 

Yochai has registered multiple patents in the area of cybersecurity, which have been applied in commercial products, and is often invited to share insights on the Israeli cyber security innovation and leadership landscape. 

Yochai is a former officer of the Israeli Intelligence Unit 8200 and holds an MBA from the Reichman University (IDC) in Herzliya and a BSc in electrical engineering cum laude from Tel Aviv University.

How Learning to Fly Made Me a Better Cybersecurity CEO

Ubuntu Security Notice 7117-2 - USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root.

==========================================================================  
Ubuntu Security Notice USN-7117-2  
November 26, 2024

needrestart regression  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS

Summary:

USN-7117-1 caused some regression in needrestart.

Software Description:  
- needrestart: check which daemons need to be restarted after library   
upgrades

Details:

USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a  
regression in needrestart. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 Qualys discovered that needrestart passed unsanitized data to a library  
 (libmodule-scandeps-perl) which expects safe input. A local attacker could  
 possibly use this issue to execute arbitrary code as root.  
 (CVE-2024-11003)

 Qualys discovered that the library libmodule-scandeps-perl incorrectly  
 parsed perl code. This could allow a local attacker to execute arbitrary  
 shell commands. (CVE-2024-10224)

 Qualys discovered that needrestart incorrectly used the PYTHONPATH  
 environment variable to spawn a new Python interpreter. A local attacker  
 could possibly use this issue to execute arbitrary code as root.  
 (CVE-2024-48990)

 Qualys discovered that needrestart incorrectly checked the path to the  
 Python interpreter. A local attacker could possibly use this issue to win  
 a race condition and execute arbitrary code as root. (CVE-2024-48991)

 Qualys discovered that needrestart incorrectly used the RUBYLIB  
 environment variable to spawn a new Ruby interpreter. A local attacker  
 could possibly use this issue to execute arbitrary code as root.  
 (CVE-2024-48992)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  needrestart                     3.6-8ubuntu4.3

Ubuntu 24.04 LTS  
  needrestart                     3.6-7ubuntu4.4

Ubuntu 22.04 LTS  
  needrestart                     3.5-5ubuntu2.3

Ubuntu 20.04 LTS  
  needrestart                     3.4-6ubuntu0.1+esm2  
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS  
  needrestart                     3.1-1ubuntu0.1+esm2  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  needrestart                     2.6-1ubuntu0.1~esm2  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7117-2  
  https://ubuntu.com/security/notices/USN-7117-1  
  https://launchpad.net/bugs/2089193

Package Information:  
  https://launchpad.net/ubuntu/+source/needrestart/3.6-8ubuntu4.3  
  https://launchpad.net/ubuntu/+source/needrestart/3.6-7ubuntu4.4  
  https://launchpad.net/ubuntu/+source/needrestart/3.5-5ubuntu2.3

Ubuntu Security Notice USN-7117-2

Red Hat Security Advisory 2024-10492-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10492.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: webkit2gtk3 security updateAdvisory ID:        RHSA-2024:10492-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10492Issue date:         2024-11-27Revision:           03CVE Names:          CVE-2024-44309====================================================================Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.Security Fix(es):* webkitgtk: data isolation bypass vulnerability (CVE-2024-44309)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-44309References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2327927

Red Hat Security Advisory 2024-10492-03

Red Hat Security Advisory 2024-10483-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a bypass vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10483.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: webkit2gtk3 security updateAdvisory ID:        RHSA-2024:10483-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10483Issue date:         2024-11-27Revision:           03CVE Names:          CVE-2024-44309====================================================================Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.Security Fix(es):* webkitgtk: data isolation bypass vulnerability (CVE-2024-44309)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-44309References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2327927

Red Hat Security Advisory 2024-10483-03

Red Hat Security Advisory 2024-10472-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10472.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: webkit2gtk3 security updateAdvisory ID:        RHSA-2024:10472-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10472Issue date:         2024-11-27Revision:           03CVE Names:          CVE-2024-44309====================================================================Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.Security Fix(es):* webkitgtk: data isolation bypass vulnerability (CVE-2024-44309)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-44309References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2327927

Red Hat Security Advisory 2024-10472-03

Red Hat Security Advisory 2024-10389-03 - Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10389.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: OpenShift Virtualization 4.13.11 ImagesAdvisory ID:        RHSA-2024:10389-03Product:            OpenShift VirtualizationAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:10389Issue date:         2024-11-26Revision:           03CVE Names:          CVE-2024-24791====================================================================Summary: Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that fix several bugs and add enhancements.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.Description:OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.This advisory contains OpenShift Virtualization 4.13.11 images.Security Fix(es):* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVEpage(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-24791References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2295310https://issues.redhat.com/browse/CNV-45851https://issues.redhat.com/browse/CNV-49144

Tag

#vulnerability