2024-8 - Canonical, Red Hat, Cisco, Microsoft, GitHub Published on March 4, 2024

Advisory Week

Week 8, 2024

National Cyber Awareness System

Cisco Releases Security Advisories for Cisco NX-OS Software

CISA Adds One Known Exploited Vulnerability to Catalog

CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

CISA Releases Two Industrial Control Systems Advisories

CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities

CISA Releases Resource Guide for University Cybersecurity Clinics

CISA Releases Two Industrial Control Systems Advisories

CISA, FBI, and HHS Release an Update to #StopRansomware Advisory on ALPHV Blackcat

CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

Ubuntu Security Notices

php-nyholm-psr7 vulnerability: USN-6671-1

php-guzzlehttp-psr7 vulnerabilities: USN-6670-1

Linux kernel (Low Latency) vulnerabilities: USN-6653-3

Linux kernel (StarFive) vulnerabilities: USN-6651-3

Linux kernel (Azure) vulnerabilities: USN-6647-2 / USN-6648-2

Linux kernel (AWS) vulnerabilities: USN-6653-2

Linux kernel vulnerabilities: USN-6651-2

python-openstackclient vulnerability: USN-6668-1

Cpanel-JSON-XS vulnerability: USN-6667-1

libuv vulnerability: USN-6666-1

Unbound vulnerabilities: USN-6665-1

LibTIFF vulnerabilities: USN-6644-2

less vulnerability: USN-6664-1

OpenSSL update: USN-6663-1

PHP vulnerabilities: USN-6305-2

OpenJDK 11 vulnerabilities: USN-6660-1

OpenJDK 21 vulnerabilities: USN-6662-1

OpenJDK 17 vulnerabilities: USN-6661-1

libde265 vulnerabilities: USN-6659-1

libxml2 vulnerability: USN-6658-1

Dnsmasq vulnerabilities: USN-6657-1

PostgreSQL vulnerability: USN-6656-1

GNU binutils vulnerabilities: USN-6655-1

Roundcube Webmail vulnerability: USN-6654-1

Red Hat Security Advisory

Important: squid:4 security update: RHSA-2024:1062

Moderate: Red Hat Satellite 6 security and bug fix update: RHSA-2024:1061

Important: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update: RHSA-2024:1057

Important: python-pillow security update: RHSA-2024:1058 / RHSA-2024:1060 / RHSA-2024:1059

Important: kpatch-patch security update: RHSA-2024:1055

Moderate: go-toolset-1.19-golang security update: RHSA-2024:1041

Moderate: Migration Toolkit for Applications security update: RHSA-2024:1027

Moderate: OpenShift Container Platform 4.13.35 security update: RHSA-2024:0948

Important: OpenShift Container Platform 4.13.35 security update: RHSA-2024:0946

Important: kernel security update: RHSA-2024:1018 / RHSA-2024:0999 / RHSA-2024:0980

Important: kernel-rt security update: RHSA-2024:1019

Important: postgresql:15 security update: RHSA-2024:1017 / RHSA-2024:0973

Critical: OpenShift Container Platform 4.15.0 security update: RHSA-2024:0766

Important: edk2 security update: RHSA-2024:1013 / RHSA-2024:1004

Moderate: OpenShift Container Platform 4.14.14 packages and security update: RHSA-2024:0944

Moderate: Run Once Duration Override Operator for Red Hat OpenShift 1.1.0 for RHEL 9: RHSA-2024:0269

Important: OpenShift Container Platform 4.14.14 bug fix and security update: RHSA-2024:0941

Important: OpenShift Container Platform 4.15.z security update: RHSA-2023:7200

Important: OpenShift Container Platform 4.15.0 packages and security update: RHSA-2023:7201

Critical: OpenShift Container Platform 4.15.0 bug fix and security update: RHSA-2023:7198

Critical: OpenShift Container Platform 4.15.0 security and extras update: RHSA-2023:7197

Important: Red Hat OpenShift for Windows Containers 10.15.0 security update: RHSA-2024:0954

Important: gimp:2.8 security update: RHSA-2024:1007

Low: Red Hat OpenShift distributed tracing 3.1.0 operator/operand containers: RHSA-2024:0998

Important: rh-postgresql10-postgresql security update: RHSA-2024:0992

Important: rh-postgresql12-postgresql security update: RHSA-2024:0990

Critical: Red Hat Multicluster GlobalHub 1.0.2 bug fixes and security updates: RHSA-2024:0989

Important: rh-postgresql13-postgresql security update: RHSA-2024:0988

Important: thunderbird security update: RHSA-2024:0984 / RHSA-2024:0964 / RHSA-2024:0963 / RHSA-2024:0962 / RHSA-2024:0961 / RHSA-2024:0960 / RHSA-2024:0959 / RHSA-2024:0958 / RHSA-2024:0957

Important: firefox security update: RHSA-2024:0983 / RHSA-2024:0976 / RHSA-2024:0971 / RHSA-2024:0972 / RHSA-2024:0970 / RHSA-2024:0969 / RHSA-2024:0968 / RHSA-2024:0955

Important: unbound security update: RHSA-2024:0982 / RHSA-2024:0981 / RHSA-2024:0977 / RHSA-2024:0965

Moderate: linux-firmware security update: RHSA-2024:0979 / RHSA-2024:0978

Important: postgresql:13 security update: RHSA-2024:0975

Important: postgresql:12 security update: RHSA-2024:0974

Moderate: opensc security update: RHSA-2024:0966 / RHSA-2024:0967

Important: postgresql:10 security update: RHSA-2024:0956

Cisco Security Advisory

Cisco NX-OS Software MPLS Encapsulated IPv6 Denial of Service Vulnerability

Cisco UCS 6400 and 6500 Series Fabric Interconnects Intersight Managed Mode Denial of Service Vulnerability

Cisco Nexus 3000 and 9000 Series Switches Port Channel ACL Programming Vulnerability

Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability

Cisco NX-OS Software External Border Gateway Protocol Denial of Service Vulnerability

Microsoft Security

Microsoft March 2024 Security Update Guide

Chromium: CVE-2024-1939 Type Confusion in V8

Chromium: CVE-2024-1938 Type Confusion in V8

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability: CVE-2024-26196

Github Security Advisories

[GHSA-h3m7-rqc4-7h9p] Integer overflow in chunking helper causes dispatching to miss elements or panic

[GHSA-5mhg-wv8w-p59j] Directus version number disclosure

[GHSA-8p25-3q46-8q2p] ESPHome vulnerable to remote code execution via arbitrary file write

[GHSA-4g2x-vq5p-5vj6] Budibase affected by VM2 Constructor Escape Vulnerability

[GHSA-6927-3vr9-fxf2] ZDI-CAN-19105: Parse Server literalizeRegexPart SQL Injection

[GHSA-qw9g-7549-7wg5] Directus has MySQL accent insensitive email matching

[GHSA-68c2-4mpx-qh95] Potential leakage of Sentry auth tokens by React Native SDK with Expo plugin

[GHSA-pcfx-g2j2-f6f6] Docassemble HTML and javascript injection

[GHSA-7wxf-r2qv-9xwr] Docassemble open redirect

[GHSA-jq57-3w7p-vwvv] Docassemble unauthorized access through URL manipulation

[GHSA-9vx6-7xxf-x967] OpenZeppelin Contracts base64 encoding may read from potentially dirty memory

[GHSA-22f2-v57c-j9cx] Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)

[GHSA-xj5v-6v4g-jfw6] Rack has possible DoS Vulnerability with Range Header

[GHSA-54rr-7fvw-6x8f] Rack Header Parsing leads to Possible Denial of Service Vulnerability

[GHSA-8mq4-9jjh-9xrc] YARD's default template vulnerable to Cross-site Scripting in generated frames.html

[GHSA-j2pw-vp55-fqqj] Flask-AppBuilder vulnerable to incorrect authentication when using auth type OpenID

[GHSA-fqxj-46wg-9v84] Flask-AppBuilder's OAuth login page subject to Cross Site Scripting (XSS)

[GHSA-555p-m4v6-cqxv] ASA-2024-004: Default configuration param for Evidence may limit window of validity

[GHSA-86h5-xcpx-cfqc] ASA-2024-005: Potential slashing evasion during re-delegation

[GHSA-xh6m-7cr7-xx66] Missing permission checks on Hazelcast client protocol

[GHSA-gp6m-fq6h-cjcx] Magento LTS vulnerable to stored XSS in admin file form

[GHSA-8h22-8cf7-hq6g] Rails has possible Sensitive Session Information Leak in Active Storage

[GHSA-9822-6m93-xqf4] Rails has possible XSS Vulnerability in Action Controller

[GHSA-jjhx-jhvp-74wq] Rails has possible ReDoS vulnerability in Accept header parsing in Action Dispatch

[GHSA-x5r5-2qrx-rqj8] Transparent TLS may not be applied to Marbles with certain manifest configurations

[GHSA-q6h8-4j2v-pjg4] Minder trusts client-provided mapping from repo name to upstream ID

[GHSA-rggv-cv7r-mw98] Connection leaking on idle timeout when TCP congested

[GHSA-4hwq-4cpm-8vmx] Vyper's `extract32` can ready dirty memory

[GHSA-9p8r-4xp4-gw5w] Vyper's `_abi_decode` vulnerable to Memory Overflow

[GHSA-84c3-j8r2-mcm8] @nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys

[GHSA-hx5q-v6pj-533r] SAML authentication bypass due to missing validation on unsigned SAML messages

[GHSA-4m6j-23p2-8c54] Armeria SAML authentication bypass due to missing validation on unsigned SAML messages

[GHSA-p4m5-32pr-2hqr] PyPop C extensions possible vulnerability: missing arguments and redundant null pointers

[GHSA-4gmj-3p3h-gm8h] es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

[GHSA-63h4-w25c-3qv4] Kirby vulnerable to Cross-site scripting (XSS) in the link field "Custom" type

[GHSA-57f2-8p89-66x6] Kirby vulnerable to self cross-site scripting (self-XSS) in the URL field

[GHSA-xrvh-rvc4-5m43] Kirby vulnerable to unrestricted file upload of user avatar images

CISA Known Exploted Vulnerabilities

Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability CVE-2023-29360

The known exploited vulnerabilities list contains vulnerabilities that are known to be activly exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.