2024-32 - Adobe, Canonical, Red Hat, Microsoft, GitHub, Spring 🗂️ Published on August 19, 2024

Advisory Week

Week 32, 2024

National Cyber Awareness System

CISA Releases Eleven Industrial Control Systems Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

Adobe Releases Security Updates for Multiple Products

CISA Releases Ten Industrial Control Systems Advisories

Ivanti Releases Security Updates for Avalanche, Neurons for ITSM, and Virtual Traffic Manager

Microsoft Releases August 2024 Security Updates

Adobe Security Bulletins and Advisories

Security Updates Available for Adobe Commerce | APSB24-61

Security updates available for Adobe Photoshop | APSB24-49

Security Update Available for Adobe InDesign | APSB24-56

Security Updates Available for Adobe Illustrator | APSB24-45

Security updates available for Adobe Dimension | APSB24-47

Prenotification Security Advisory for Adobe Acrobat and Reader  | APSB24-57

Security Updates Available for Adobe Bridge | APSB24-59

Security Update Available for Adobe InCopy | APSB24-64

Security updates available for Adobe Substance3D - Sampler | APSB24-65

Ubuntu Security Notices

Bind vulnerabilities: USN-6909-3

ORC vulnerability: USN-6964-1

GNOME Shell vulnerability: USN-6963-1

LibreOffice vulnerability: USN-6962-1

BusyBox vulnerabilities: USN-6961-1

Linux kernel (Azure) vulnerabilities: USN-6951-2 / USN-6956-1

RMagick vulnerability: USN-6960-1

.NET vulnerability: USN-6959-1

Linux kernel vulnerabilities: USN-6949-2 / USN-6950-2

Libcroco vulnerabilities: USN-6958-1

Linux kernel (Oracle) vulnerabilities: USN-6950-3 / USN-6957-1

QEMU vulnerabilities: USN-6954-1

Linux kernel (OEM) vulnerabilities: USN-6955-1

Red Hat Security Advisory

Moderate: OpenShift Container Platform 4.15.27 security update: RHSA-2024:5160

Important: Fence Agents Remediation 0.4.1 - Security update: RHSA-2024:5453

Important: bind9.16 security update: RHSA-2024:5418

Important: kernel-rt security update: RHSA-2024:5365 / RHSA-2024:5282 / RHSA-2024:5256

Important: kernel security update: RHSA-2024:5364 / RHSA-2024:5363 / RHSA-2024:5281 / RHSA-2024:5266 / RHSA-2024:5261 / RHSA-2024:5259 / RHSA-2024:5257 / RHSA-2024:5255

Important: python3.11-setuptools security update: RHSA-2024:5279

Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP5 security update: RHSA-2024:5239 / RHSA-2024:5240

Important: OpenShift Container Platform 4.16.7 bug fix and security update: RHSA-2024:5107

Important: container-tools:rhel8 security update: RHSA-2024:5258 / RHSA-2024:5194

Important: bind and bind-dyndb-ldap security update: RHSA-2024:5231

Important: httpd:2.4 security update: RHSA-2024:5193

Moderate: 389-ds-base security update: RHSA-2024:5192

Microsoft Security

Microsoft August 2024 Security Update Guide

CVE-2024-37968 Windows DNS Spoofing Vulnerability

CVE-2024-38223 Windows Initial Machine Configuration Elevation of Privilege Vulnerability

CVE-2024-38109 Azure Health Bot Elevation of Privilege Vulnerability

CVE-2024-38215 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE-2024-38222 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2024-38120 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-38214 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

CVE-2024-38211 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2024-38163 Windows Update Stack Elevation of Privilege Vulnerability

CVE-2022-3775 Redhat: CVE-2022-3775 grub2 - Heap based out-of-bounds write when rendering certain Unicode sequences

CVE-2024-38195 Azure CycleCloud Remote Code Execution Vulnerability

CVE-2024-38187 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-38189 Microsoft Project Remote Code Execution Vulnerability

CVE-2024-38185 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-38186 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-38177 Windows App Installer Spoofing Vulnerability

CVE-2024-38180 Windows SmartScreen Security Feature Bypass Vulnerability

CVE-2024-38171 Microsoft PowerPoint Remote Code Execution Vulnerability

CVE-2024-38173 Microsoft Outlook Remote Code Execution Vulnerability

CVE-2024-38170 Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-38165 Windows Compressed Folder Tampering Vulnerability

CVE-2024-38169 Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2024-38158 Azure IoT SDK Remote Code Execution Vulnerability

CVE-2024-38162 Azure Connected Machine Agent Elevation of Privilege Vulnerability

CVE-2024-38155 Security Center Broker Information Disclosure Vulnerability

CVE-2024-38157 Azure IoT SDK Remote Code Execution Vulnerability

CVE-2024-38153 Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38154 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-38151 Windows Kernel Information Disclosure Vulnerability

CVE-2024-38152 Windows OLE Remote Code Execution Vulnerability

CVE-2024-38148 Windows Secure Channel Denial of Service Vulnerability

CVE-2024-38150 Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2024-38146 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

CVE-2024-38147 Microsoft DWM Core Library Elevation of Privilege Vulnerability

CVE-2024-38144 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2024-38145 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

CVE-2024-38142 Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-38143 Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

CVE-2024-38140 Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

CVE-2024-38141 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2024-38136 Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

CVE-2024-38137 Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

CVE-2024-38138 Windows Deployment Services Remote Code Execution Vulnerability

CVE-2024-38134 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2024-38135 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

CVE-2024-38132 Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-38133 Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38130 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-38131 Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

CVE-2024-38127 Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2024-38128 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-38125 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2024-38126 Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-38121 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-38122 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

CVE-2024-38117 NTFS Elevation of Privilege Vulnerability

CVE-2024-38118 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

CVE-2024-38115 Windows IP Routing Management Snapin Remote Code Execution Vulnerability

CVE-2024-38116 Windows IP Routing Management Snapin Remote Code Execution Vulnerability

CVE-2024-29995 Windows Kerberos Elevation of Privilege Vulnerability

CVE-2024-38114 Windows IP Routing Management Snapin Remote Code Execution Vulnerability

CVE-2024-38106 Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38107 Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

CVE-2024-38063 Windows TCP/IP Remote Code Execution Vulnerability

CVE-2024-38098 Azure Connected Machine Agent Elevation of Privilege Vulnerability

CVE-2023-40547 Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass

CVE-2024-38084 Microsoft OfficePlus Elevation of Privilege Vulnerability

CVE-2024-38213 Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-38199 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

CVE-2024-38201 Azure Stack Hub Elevation of Privilege Vulnerability

CVE-2024-38198 Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2024-38196 Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2024-38197 Microsoft Teams for iOS Spoofing Vulnerability

CVE-2024-38191 Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38193 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability

CVE-2024-38184 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-38167 .NET and Visual Studio Information Disclosure Vulnerability

CVE-2024-38168 .NET and Visual Studio Denial of Service Vulnerability

CVE-2024-38172 Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-38161 Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-38160 Windows Network Virtualization Remote Code Execution Vulnerability

CVE-2024-38159 Windows Network Virtualization Remote Code Execution Vulnerability

CVE-2024-38123 Windows Bluetooth Driver Information Disclosure Vulnerability

CVE-2024-38108 Azure Stack Hub Spoofing Vulnerability

CVE-2022-2601 Redhat: CVE-2022-2601 grub2 - Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

Github Security Advisories

[GHSA-vwf8-q6fw-4wcm] Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API

[GHSA-qcm3-7879-xcww] Gateway API route matching order contradicts specification

[GHSA-q7w8-72mr-vpgw] Policy bypass for Host Firewall policy due to race condition in Cilium agent

[GHSA-vwhg-jwr4-vxgg] gettext.js has a Cross-site Scripting injection

[GHSA-vgvv-x7xg-6cqg] Russh has an OOM Denial of Service due to allocation of untrusted amount

[GHSA-7x29-qqmq-v6qc] GitHub Actions Script Injection in `ultralytics/actions`

[GHSA-f67q-wr6w-23jq] Boa has an uncaught exception when transitioning the state of `AsyncGenerator` objects

[GHSA-qm2q-9f3q-2vcv] Trix has a cross-site Scripting vulnerability on copy & paste

[GHSA-rhm7-7469-rcpw] Persistent Cross-site Scripting in eZ Platform Rich Text Field Type

[GHSA-hvcf-6324-cjh7] Persistent Cross-site Scripting in Ibexa RichText Field Type

[GHSA-ccqh-278p-xq6w] webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

[GHSA-83qr-9v2h-qxp4] Cosmos Hub (Gaia): The check for the height of cryptographic equivocation evidence is missing

[GHSA-mg3v-6m49-jhp3] WebOb's location header normalization during redirect leads to open redirect

[GHSA-qv32-5wm2-p32h] Command Injection in sequenceserver

[GHSA-7qrv-8f9x-3h32] Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability

[GHSA-3r34-r6w3-fqp6] Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability

[GHSA-rfxf-mf63-cpqv] open-telemetry has an Observable Timing Discrepancy

[GHSA-m3px-vjxr-fx4m] Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

[GHSA-rxff-vr5r-8cj5] Path traveral in Streamlit on windows

[GHSA-xj87-mqvh-88w2] fish-shop/syntax-check Improper Neutralization of Delimiters

[GHSA-6r4j-4rjc-8vw5] RBAC Roles for `etcd` created by Kamaji are not disjunct

Spring Security Advisories

cve-2024-38809 - Medium - CVE-2024-38809: Spring Framework DoS via conditional HTTP request

cve-2024-38808 - Medium - CVE-2024-38808: Spring Expression DoS Vulnerability

CISA Known Exploted Vulnerabilities

Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability CVE-2024-38107

Microsoft Windows Kernel Privilege Escalation Vulnerability CVE-2024-38106

Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability CVE-2024-38193

Microsoft Windows SmartScreen Security Feature Bypass Vulnerability CVE-2024-38213

Microsoft Windows Scripting Engine Memory Corruption Vulnerability CVE-2024-38178

Microsoft Project Remote Code Execution Vulnerability CVE-2024-38189

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability CVE-2024-28986

The known exploited vulnerabilities list contains vulnerabilities that are known to be activly exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.