Security Updates

MGASA-2024-0370 - Updated opendmarc packages fix security vulnerability

Mageia Security - 22 November, 2024 - 08:25
Publication date: 22 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-25768
Description: Fix null pointer dereference in opendmarc_policy.c. (CVE-2024-25768)
SRPMS:
9/core
  • opendmarc-1.4.2-2.1.mga9

MGASA-2024-0369 - Updated kernel, kmod-xtables-addons, kmod-virtualbox & bluez packages fix security vulnerabilities

Mageia Security - 22 November, 2024 - 08:25
Publication date: 22 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-50103, CVE-2024-50108, CVE-2024-50110, CVE-2024-50111, CVE-2024-50112, CVE-2024-50115, CVE-2024-50116, CVE-2024-50117, CVE-2024-50120, CVE-2024-50121, CVE-2024-50124, CVE-2024-50125, CVE-2024-50126, CVE-2024-50127, CVE-2024-50128, CVE-2024-50130, CVE-2024-50131, CVE-2024-50133, CVE-2024-50134, CVE-2024-50135, CVE-2024-50136, CVE-2024-50139, CVE-2024-50140, CVE-2024-50141, CVE-2024-50142, CVE-2024-50143, CVE-2024-50145, CVE-2024-50147, CVE-2024-50148, CVE-2024-50150, CVE-2024-50151, CVE-2024-50152, CVE-2024-50153, CVE-2024-50154, CVE-2024-50155, CVE-2024-50156, CVE-2024-50158, CVE-2024-50159, CVE-2024-50160, CVE-2024-50162, CVE-2024-50163, CVE-2024-50164, CVE-2024-50166, CVE-2024-50167, CVE-2024-50168, CVE-2024-50169, CVE-2024-50170, CVE-2024-50171, CVE-2024-50172, CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50210, CVE-2024-50211, CVE-2024-50215, CVE-2024-50216, CVE-2024-50218, CVE-2024-50219, CVE-2024-50222, CVE-2024-50223, CVE-2024-50224, CVE-2024-50226, CVE-2024-50228, CVE-2024-50229, CVE-2024-50230, CVE-2024-50231, CVE-2024-50232, CVE-2024-50233, CVE-2024-50234, CVE-2024-50235, CVE-2024-50236, CVE-2024-50237, CVE-2024-50239, CVE-2024-50240, CVE-2024-50242, CVE-2024-50243, CVE-2024-50244, CVE-2024-50245, CVE-2024-50246, CVE-2024-50247, CVE-2024-50248, CVE-2024-50249, CVE-2024-50250, CVE-2024-50251, CVE-2024-50252, CVE-2024-50255, CVE-2024-50256, CVE-2024-50257, CVE-2024-50258, CVE-2024-50259, CVE-2024-50261, CVE-2024-50262
Description: Upstream kernel version 6.6.61 fixes bugs and vulnerabilities. The bluez, kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links.
SRPMS:
9/core
  • kernel-6.6.61-1.mga9
  • kmod-virtualbox-7.0.20-58.mga9
  • kmod-xtables-addons-3.24-66.mga9
  • bluez-5.79-1.mga9

MGASA-2024-0368 - Updated kernel-linus packages fix security vulnerabilities

Mageia Security - 22 November, 2024 - 08:25
Publication date: 22 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-50103, CVE-2024-50108, CVE-2024-50110, CVE-2024-50111, CVE-2024-50112, CVE-2024-50115, CVE-2024-50116, CVE-2024-50117, CVE-2024-50120, CVE-2024-50121, CVE-2024-50124, CVE-2024-50125, CVE-2024-50126, CVE-2024-50127, CVE-2024-50128, CVE-2024-50130, CVE-2024-50131, CVE-2024-50133, CVE-2024-50134, CVE-2024-50135, CVE-2024-50136, CVE-2024-50139, CVE-2024-50140, CVE-2024-50141, CVE-2024-50142, CVE-2024-50143, CVE-2024-50145, CVE-2024-50147, CVE-2024-50148, CVE-2024-50150, CVE-2024-50151, CVE-2024-50152, CVE-2024-50153, CVE-2024-50154, CVE-2024-50155, CVE-2024-50156, CVE-2024-50158, CVE-2024-50159, CVE-2024-50160, CVE-2024-50162, CVE-2024-50163, CVE-2024-50164, CVE-2024-50166, CVE-2024-50167, CVE-2024-50168, CVE-2024-50169, CVE-2024-50170, CVE-2024-50171, CVE-2024-50172, CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50210, CVE-2024-50211, CVE-2024-50215, CVE-2024-50216, CVE-2024-50218, CVE-2024-50219, CVE-2024-50222, CVE-2024-50223, CVE-2024-50224, CVE-2024-50226, CVE-2024-50228, CVE-2024-50229, CVE-2024-50230, CVE-2024-50231, CVE-2024-50232, CVE-2024-50233, CVE-2024-50234, CVE-2024-50235, CVE-2024-50236, CVE-2024-50237, CVE-2024-50239, CVE-2024-50240, CVE-2024-50242, CVE-2024-50243, CVE-2024-50244, CVE-2024-50245, CVE-2024-50246, CVE-2024-50247, CVE-2024-50248, CVE-2024-50249, CVE-2024-50250, CVE-2024-50251, CVE-2024-50252, CVE-2024-50255, CVE-2024-50256, CVE-2024-50257, CVE-2024-50258, CVE-2024-50259, CVE-2024-50261, CVE-2024-50262
Description: Vanilla upstream kernel version 6.6.61 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links.
SRPMS:
9/core
  • kernel-linus-6.6.61-1.mga9

MGASA-2024-0367 - Updated radare2 packages fix security vulnerability

Mageia Security - 22 November, 2024 - 08:25
Publication date: 22 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-48241
Description: An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function. (CVE-2024-48241)
SRPMS:
9/core
  • radare2-5.8.8-1.3.mga9

MGASA-2024-0366 - Updated kanboard packages fix security vulnerability

Mageia Security - 22 November, 2024 - 08:25
Publication date: 22 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-36813
Description: In versions prior to 1.2.31 an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations the code improperly uses the PicoDB library to update/insert new information.
SRPMS:
9/core
  • kanboard-1.2.42-1.1.mga9

MGAA-2024-0232 - Updated mesa & libdrm packages fix bugs

Mageia Security - 22 November, 2024 - 08:25
Publication date: 22 Nov 2024
Type: bugfix
Affected Mageia releases: 9
Description:
brw_fs_opt_copy_propagation incorrectly handles size changes of uniforms.
nouveau paraview msaa corruption 23.1 bisected regression.
Missing xshmfence dependency for X11 WSI on macOS.
[AMDGPU RDNA3] Black square artifacts in viewport renders in Blender.
radv: test_sm67_sample_cmp_level test in vkd3d-proton fails
[ANV] LNL tiled corruption in background traci Blackops3-trace-dx11-1080p-high.
[anv] Possible regression in e3814dee1ac0f90771b921a4f6f5aed10f06e8d4
Confidential issue #12092
SRPMS:
9/tainted
  • mesa-24.2.7-1.mga9.tainted
9/core
  • mesa-24.2.7-1.mga9
  • libdrm-2.4.123-1.mga9

MGASA-2024-0365 - Updated thunderbird packages fix security vulnerability

Mageia Security - 20 November, 2024 - 18:23
Publication date: 20 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-11159
Description: Potential disclosure of plaintext in OpenPGP encrypted message. (CVE-2024-11159)
SRPMS:
9/core
  • thunderbird-128.4.3-1.mga9
  • thunderbird-l10n-128.4.3-1.mga9

MGAA-2024-0231 - Updated nvidia-current packages fix bug

Mageia Security - 16 November, 2024 - 19:26
Publication date: 16 Nov 2024
Type: bugfix
Affected Mageia releases: 9
Description: Fixed a bug which could cause applications using GBM to crash when running with nvidia-drm.modeset=0
SRPMS:
9/nonfree
  • nvidia-current-550.127.05-1.mga9.nonfree

MGASA-2024-0364 - Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk & java-latest-openjdk packages fix security vulnerabilities

Mageia Security - 13 November, 2024 - 19:48
Publication date: 13 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-48161, CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235
Description:
giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function. (CVE-2023-48161)
Array indexing integer overflow. (CVE-2024-21210)
HTTP client improper handling of maxHeaderSize. (CVE-2024-21208)
Unbounded allocation leads to out-of-memory error. (CVE-2024-21217)
Integer conversion error leads to incorrect range check. (CVE-2024-21235)
SRPMS:
9/core
  • java-17-openjdk-17.0.13.0.11-1.mga9
  • java-11-openjdk-11.0.25.0.9-1.mga9
  • java-1.8.0-openjdk-1.8.0.432.b06-1.mga9
  • java-latest-openjdk-23.0.1.0.11-2.rolling.1.mga9

MGASA-2024-0363 - Updated libarchive packages fix security vulnerability

Mageia Security - 13 November, 2024 - 19:48
Publication date: 13 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-20696
Description: A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed. (CVE-2024-20696)
SRPMS:
9/core
  • libarchive-3.6.2-5.3.mga9

MGAA-2024-0230 - Updated opencpn packages fix bugs

Mageia Security - 13 November, 2024 - 19:48
Publication date: 13 Nov 2024
Type: bugfix
Affected Mageia releases: 9
Description: opencpn-5.10.2, a maintenance release for opencpn, has been released correcting some problems concerning, among others, the display of grib files.
SRPMS:
9/core
  • opencpn-5.10.2-1.mga9

MGAA-2024-0229 - Updated inxi packages makes glxinfo an optional requirement

Mageia Security - 13 November, 2024 - 19:48
Publication date: 13 Nov 2024
Type: bugfix
Affected Mageia releases: 9
Description: Installing inxi on a server installs a lot of Xorg related libraries due to the requirement of glxinfo, whereas this is optional. This update fixes this issue and also updates to the current version.
SRPMS:
9/core
  • inxi-3.3.36-1.1.mga9

MGASA-2024-0362 - Updated expat packages fix security vulnerability

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-50602
Description: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. (CVE-2024-50602)
SRPMS:
9/core
  • expat-2.6.4-1.mga9

MGASA-2024-0361 - Updated php-tcpdf packages fix security vulnerability

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-22641
Description: TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. (CVE-2024-22641)
SRPMS:
9/core
  • php-tcpdf-6.5.0-1.2.mga9

MGASA-2024-0360 - Updated curl packages fix security vulnerability

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-9681
Description: When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with hosts like x.example.com as well as example.com where the first host is a subdomain of the second host. This flaw also affects the curl command line tool. When triggered, this is a potential minor DoS security problem when trying to use HTTPS when that no longer works or a cleartext transmission of data that was otherwise intended to possibly be protected. This update fixes the issue so subdomains cannot affect the HSTS cache of a parent domain.
SRPMS:
9/core
  • curl-7.88.1-4.4.mga9

MGASA-2024-0359 - Updated qbittorrent packages fix security vulnerabilities

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
Description: qBittorrent, on all platforms, did not verify any SSL certificates in its DownloadManager class from 2010 until October 2024. If it failed to verify a cert, it simply logged an error and proceeded.
SRPMS:
9/core
  • qbittorrent-4.6.7-1.mga9

MGASA-2024-0358 - Updated mpg123 packages fix security vulnerability

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-10573
Description: An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution may not be dismissed. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. (CVE-2024-10573)
SRPMS:
9/core
  • mpg123-1.31.3-1.1.mga9

MGASA-2024-0357 - Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerability

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-9632
Description: Due to an improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially-crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges. (CVE-2024-9632)
SRPMS:
9/core
  • x11-server-21.1.8-7.6.mga9
  • x11-server-xwayland-22.1.9-1.6.mga9
  • tigervnc-1.13.1-2.6.mga9

MGASA-2024-0356 - Updated networkmanager-libreswan packages fix security vulnerability

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-9050
Description: A flaw was found in the libreswan client plugin for NetworkManager (NetworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the "leftupdown" key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration. (CVE-2024-9050)
SRPMS:
9/core
  • networkmanager-libreswan-1.2.24-1.mga9

MGASA-2024-0355 - Updated openssl packages fix security vulnerability

Mageia Security - 12 November, 2024 - 20:53
Publication date: 12 Nov 2024
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-9143
Description: Low-level invalid GF(2^m) parameters lead to OOB memory accesses. (CVE-2024-9143)
SRPMS:
9/core
  • openssl-3.0.15-1.1.mga9