diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml index 72157d2e7aa7..24acb9530581 100644 --- a/security/vuxml/vuln/2024.xml +++ b/security/vuxml/vuln/2024.xml @@ -1,253 +1,297 @@ + + OpenSSL -- Vector register corruption on PowerPC + + + openssl + 3.0.12_2,1 + + + openssl-quictls + 3.0.12_2 + + + openssl31 + 3.1.4_2 + + + openssl31-quictls + 3.1.4_2 + + + openssl32 + 3.2.0_1 + + + + +

SO-AND-SO reports:

+
+

The POLY1305 MAC (message authentication code) implementation + contains a bug that might corrupt the internal state of applications running + on PowerPC CPU based platforms if the CPU provides vector instructions.

+
+ + + + CVE-2023-6129 + https://www.openssl.org/news/secadv/20240109.txt + + + 2024-01-09 + 2024-01-11 + + + chromium -- security fix chromium 120.0.6099.216 ungoogled-chromium 120.0.6099.216

Chrome Releases reports:

This update includes 1 security fix:

  • [1513379] High CVE-2024-0333: Insufficient data validation in Extensions. Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC on 2023-12-20
 CVE-2024-0333 https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html 2024-01-09 2024-01-10 QtNetwork -- potential buffer overflow qt5-network 5.15.12p148_1 qt6-base 6.6.1_2

Andy Shaw reports:

A potential integer overflow has been discovered in Qt's HTTP2 implementation. If the HTTP2 implementation receives more than 4GiB in total headers, or more than 2GiB for any given header pair, then the internal buffers may overflow.

 CVE-2023-51714 https://www.qt.io/blog/security-advisory-potential-integer-overflow-in-qts-http2-implementation 2023-12-14 2024-01-07 mantis -- multiple vulnerabilities mantis-php74 mantis-php80 mantis-php81 mantis-php82 mantis-php83 2.25.8,1

Mantis 2.25.8 release reports:

Security and maintenance release

  • 0032432: Update guzzlehttp/psr7 to 1.9.1 (CVE-2023-29197)
  • 0032981: Information Leakage on DokuWiki Integration (CVE-2023-44394)
 CVE-2023-29197 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197 CVE-2023-44394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44394 2023-10-14 2024-01-06 chromium -- multiple security fixes chromium 120.0.6099.199 ungoogled-chromium 120.0.6099.199

Chrome Releases reports:

This update includes 6 security fixes:

  • [1501798] High CVE-2024-0222: Use after free in ANGLE. Reported by Toan (suto) Pham of Qrious Secure on 2023-11-13
  • [1505009] High CVE-2024-0223: Heap buffer overflow in ANGLE. Reported by Toan (suto) Pham and Tri Dang of Qrious Secure on 2023-11-24
  • [1505086] High CVE-2024-0224: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-25
  • [1506923] High CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous on 2023-12-01
 CVE-2024-0222 CVE-2024-0223 CVE-2024-0224 CVE-2024-0225 https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html 2024-01-03 2024-01-04 electron27 -- multiple vulnerabilities electron27 27.2.1

Electron developers report:

This update fixes the following vulnerabilities:

  • Security: backported fix for CVE-2023-6706.
  • Security: backported fix for CVE-2023-6705.
  • Security: backported fix for CVE-2023-6703.
  • Security: backported fix for CVE-2023-6702.
  • Security: backported fix for CVE-2023-6704.
 CVE-2023-6706 https://github.com/advisories/GHSA-jqrg-rvpw-5fw5 CVE-2023-6705 https://github.com/advisories/GHSA-h27f-fw5q-c2gh CVE-2023-6703 https://github.com/advisories/GHSA-9v72-359m-2vx4 CVE-2023-6702 https://github.com/advisories/GHSA-7hjc-c62g-4w73 CVE-2023-6704 https://github.com/advisories/GHSA-587x-fmc5-99p9 2024-01-04 2024-01-04 electron26 -- multiple vulnerabilities electron26 26.6.4

Electron developers report:

This update fixes the following vulnerabilities:

  • Security: backported fix for CVE-2023-6704.
  • Security: backported fix for CVE-2023-6705.
  • Security: backported fix for CVE-2023-6703.
  • Security: backported fix for CVE-2023-6702.
 CVE-2023-6704 https://github.com/advisories/GHSA-587x-fmc5-99p9 CVE-2023-6705 https://github.com/advisories/GHSA-h27f-fw5q-c2gh CVE-2023-6703 https://github.com/advisories/GHSA-9v72-359m-2vx4 CVE-2023-6702 https://github.com/advisories/GHSA-7hjc-c62g-4w73 2024-01-04 2024-01-04 FreeBSD -- Prefix Truncation Attack in the SSH protocol FreeBSD 14.014.0_4 13.213.2_9

Problem Description:

The SSH protocol executes an initial handshake between the server and the client. This protocol handshake includes the possibility of several extensions allowing different options to be selected. Validation of the packets in the handshake is done through sequence numbers.

Impact:

A man in the middle attacker can silently manipulate handshake messages to truncate extension negotiation messages potentially leading to less secure client authentication algorithms or deactivating keystroke timing attack countermeasures.

 CVE-2023-48795 SA-23:19.openssh 2023-12-19 2024-01-02