Security Updates
MGAA-2025-0002 - Updated nvidia-newfeature packages fix bugs
Publication date: 04 Jan 2025
Type: bugfix
Affected Mageia releases : 9
Description:
- Fixed a bug in i2c handling that caused the OpenRGB Application to set incorrect LED colors on some NVIDIA GPUs. https://github.com/NVIDIA/open-gpu-kernel-modules/issues/41
- Changed the fallback preference from 10 BPC YUV422 to 8 BPC RGB + dithering when enabling HDR scanout with limited display bandwidth.
- Fixed a bug that could cause the nvidia-settings control panel to crash when using X11 forwarding on some systems.
- Added a new application profile key, "GLVidHeapReuseRatio", to control the amount of memory OpenGL may hold for later reuse, as well as some application profiles for several Wayland compositors using the new key to work around issues with excessive video memory usage.
- Fixed a bug that could lead to crashes when a Vulkan application waits on a VkFence created by importing a DRM syncobj. This solves some crashes observed with Unreal Engine and other applications on Wayland.
- Fixed a bug that could cause KDE Plasma 6 to crash when running as a Wayland compositor.
- Fixed a bug that would cause the driver stack to fail to load the correct state of a Quadro Sync board when GSP is enabled. This would lead to inaccuracies in reporting framelock state when using house sync or stereo signals.
- Updated the kernel module build process to use CONFIG_CC_VERSION_TEXT from the Linux kernel's Kconfig to detect the compiler used to build the kernel. This may help select the correct compiler on systems where the kernel was built with a compiler other than the default one.
- Fixed a bug that prevented kernel modules linked using precompiled kernel interface files from loading on recent Debian systems.
- Improved the ability of nvidia-modprobe to detect whether kernel modules are already loaded. This corrects an issue that prevented nvidia-persistenced from setting persistence mode on some systems.
Please note that, starting with this release, the following package is also provided: dkms-nvidia-newfeature-open-565.77-1.mga9.nonfree. This is an "alternative" package to 'dkms-nvidia-newfeature' which uses open source kernel modules instead of the closed source ones. Note that only NVIDIA cards of the Turing architecture and beyond are supported by dkms-nvidia-newfeature-open. Older NVIDIA cards, e.g. those of the Maxwell or Pascal architecture, are supported only by the standard dkms-nvidia-newfeature. For instance, the Quadro K620 is a Maxwell card and is not supported by the -open variant. The GTX 1080 is a Pascal card and is not supported. The RTX 2070 and GTX 1660 are Turing cards and are supported. The Quadro RTX A6000 is an Ampere card and is supported, etc. Note also that the dkms-nvidia-newfeature-open package is not installed automatically by the drakx11 utils, but can be installed manually (in that case the cards must already be configured by the utils). So it is only for the brave, and for those with minimal competence in manual package installation.
References:
SRPMS 9/nonfree:
- nvidia-newfeature-565.77-5.mga9.nonfree
- cuda-z-0.11.291-9.mga9.nonfree
Categories: Security Updates
MGAA-2025-0001 - Updated nvidia-current, nvidia470, meta-task, mageia-repos & ldetect-lst packages fix bugs
Publication date: 04 Jan 2025
Type: bugfix
Affected Mageia releases : 9
Description: Minor bug fixes and improvements. Note that starting from this version, dkms-nvidia-current-open-550.142-1.mga9.nonfree is provided as the alternative open-source NVIDIA kernel module (this package is not automatically retrieved by drakx11). Note that while the nvidia-current package works for cards of the GTX 745 series and beyond, these modules, as we have already seen for nvidia-newfeature, work only for cards of the Turing series and beyond.
References:
SRPMS 9/core:
- meta-task-9-3.mga9
- mageia-repos-9-3.mga9
- ldetect-lst-0.6.59-1.mga9
- nvidia-current-550.142-3.mga9.nonfree
- nvidia470-470.256.02-3.mga9.nonfree
MGAA-2024-0241 - Updated openssh packages fix bug
Publication date: 30 Dec 2024
Type: bugfix
Affected Mageia releases : 9
Description: ssh crashed with a segfault when using a dss key. This update fixes the issue.
References:
SRPMS 9/core:
- openssh-9.3p1-2.3.mga9
MGAA-2024-0240 - Updated php packages fix bugs
Publication date: 29 Dec 2024
Type: bugfix
Affected Mageia releases : 9
Description: Updated PHP package fixes many segfaults, memory leaks and overflows.
References:
SRPMS 9/core:
- php-8.2.27-1.mga9
MGASA-2024-0397 - Updated emacs packages fix security vulnerability
Publication date: 24 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-53920
Description: In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code). (CVE-2024-53920)
References:
- https://bugs.mageia.org/show_bug.cgi?id=33867
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/P4KYDPPUCZHJVNAEXLQAF43YKVZPVWFH/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53920
- emacs-29.4-1.2.mga9
MGASA-2024-0396 - Updated mozjs78 packages fix security vulnerability
Publication date: 21 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-50602
Description: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. (CVE-2024-50602)
References:
- https://bugs.mageia.org/show_bug.cgi?id=33864
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/X3V7QAWJ6AWA3YEKX4DEGJFLTQ6ASRC3/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50602
- mozjs78-78.15.0-7.2.mga9
MGASA-2024-0395 - Updated thunderbird packages fix security vulnerability
Publication date: 21 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-50336
Description: Matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal. (CVE-2024-50336)
References:
- https://bugs.mageia.org/show_bug.cgi?id=33852
- https://www.thunderbird.net/en-US/thunderbird/128.5.2esr/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-69/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50336
- thunderbird-128.5.2-1.mga9
- thunderbird-l10n-128.5.2-1.mga9
MGASA-2024-0394 - Updated tomcat packages fix security vulnerabilities
Publication date: 21 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-50379, CVE-2024-54677
Description:
- RCE due to TOCTOU issue in JSP compilation. (CVE-2024-50379)
- DoS in examples web application. (CVE-2024-54677)
References:
- https://bugs.mageia.org/show_bug.cgi?id=33863
- https://www.openwall.com/lists/oss-security/2024/12/17/4
- https://www.openwall.com/lists/oss-security/2024/12/17/5
- https://www.openwall.com/lists/oss-security/2024/12/17/6
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50379
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54677
- tomcat-9.0.98-1.mga9
MGAA-2024-0239 - Updated wireless-regdb packages fix bug
Publication date: 21 Dec 2024
Type: bugfix
Affected Mageia releases : 9
Description:
- Update regulatory info for Oman (OM)
- Better support for generating public certificates
References:
- https://bugs.mageia.org/show_bug.cgi?id=33809
- https://git.kernel.org/pub/scm/linux/kernel/git/wens/wireless-regdb.git
- wireless-regdb-20241007-1.mga9
MGAA-2024-0238 - Updated guayadeque packages fix bugs
Publication date: 21 Dec 2024
Type: bugfix
Affected Mageia releases : 9
Description: This version corrects some bugs, improves the GUI, and corrects some errors in messages (in English) and in message translations (Catalan, French, German, Greek, Italian and Spanish, which were filled with misinterpretations).
References:
- https://bugs.mageia.org/show_bug.cgi?id=33854
- https://github.com/thothix/guayadeque/releases/tag/v0.6.2
- https://github.com/thothix/guayadeque/releases/tag/v0.6.1
- https://github.com/thothix/guayadeque/releases/tag/v0.6.0
- guayadeque-0.6.2-1.mga9
MGASA-2024-0393 - Updated kernel-linus packages fix security vulnerabilities
Publication date: 18 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-53079, CVE-2024-53091, CVE-2024-53093, CVE-2024-53094, CVE-2024-53095, CVE-2024-53097, CVE-2024-53099, CVE-2024-53100, CVE-2024-53101, CVE-2024-53102, CVE-2024-53106, CVE-2024-53108, CVE-2024-53109, CVE-2024-53110, CVE-2024-53112, CVE-2024-53113, CVE-2024-53119, CVE-2024-53120, CVE-2024-53121, CVE-2024-53122, CVE-2024-53123, CVE-2024-53126, CVE-2024-53127, CVE-2024-53129, CVE-2024-53130, CVE-2024-53131, CVE-2024-53134, CVE-2024-53135, CVE-2024-53136, CVE-2024-53138, CVE-2024-53139, CVE-2024-53140
Description: Vanilla upstream kernel version 6.6.65 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links.
References:
- https://bugs.mageia.org/show_bug.cgi?id=33846
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.62
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.63
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.64
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.65
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53079
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53091
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53093
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53094
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53095
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53099
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53100
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53101
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53102
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53106
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53108
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53109
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53110
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53112
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53113
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53119
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53120
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53121
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53122
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53123
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53126
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53127
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53129
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53130
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53131
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53134
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53135
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53136
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53138
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53139
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53140
- kernel-linus-6.6.65-1.mga9
MGASA-2024-0392 - Updated kernel, kmod-xtables-addons, kmod-virtualbox & dwarves packages fix security vulnerabilities
Publication date: 18 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-53079, CVE-2024-53091, CVE-2024-53093, CVE-2024-53094, CVE-2024-53095, CVE-2024-53097, CVE-2024-53099, CVE-2024-53100, CVE-2024-53101, CVE-2024-53102, CVE-2024-53106, CVE-2024-53108, CVE-2024-53109, CVE-2024-53110, CVE-2024-53112, CVE-2024-53113, CVE-2024-53119, CVE-2024-53120, CVE-2024-53121, CVE-2024-53122, CVE-2024-53123, CVE-2024-53126, CVE-2024-53127, CVE-2024-53129, CVE-2024-53130, CVE-2024-53131, CVE-2024-53134, CVE-2024-53135, CVE-2024-53136, CVE-2024-53138, CVE-2024-53139, CVE-2024-53140
Description: Upstream kernel version 6.6.65 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links.
References:
- https://bugs.mageia.org/show_bug.cgi?id=33845
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.62
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.63
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.64
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.65
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53079
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53091
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53093
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53094
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53095
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53099
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53100
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53101
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53102
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53106
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53108
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53109
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53110
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53112
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53113
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53119
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53120
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53121
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53122
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53123
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53126
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53127
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53129
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53130
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53131
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53134
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53135
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53136
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53138
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53139
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53140
- kernel-6.6.65-2.mga9
- kmod-xtables-addons-3.24-69.mga9
- kmod-virtualbox-7.0.20-61.mga9
- dwarves-1.28-1.mga9
MGASA-2024-0391 - Updated curl packages fix security vulnerability
Publication date: 17 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-11053
Description: When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password. This update fixes this logic to avoid sending a password to the wrong host.
References:
- https://bugs.mageia.org/show_bug.cgi?id=33844
- https://curl.se/docs/CVE-2024-11053.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053
- curl-7.88.1-4.5.mga9
MGASA-2024-0390 - Updated socat packages fix security vulnerability
Publication date: 17 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-54661
Description: CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory in socat readline.sh
References:
- https://bugs.mageia.org/show_bug.cgi?id=33851
- https://lists.suse.com/pipermail/sle-security-updates/2024-December/019988.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54661
- socat-1.8.0.2-1.mga9
MGAA-2024-0237 - Updated nvidia-newfeature packages fix bugs
Publication date: 07 Dec 2024
Type: bugfix
Affected Mageia releases : 9
Description:
- Fixed a bug, introduced in 555.58, where some DVI outputs would not work with HDMI monitors.
- Fixed a bug that could cause KDE Plasma Shell to freeze while hovering over or opening applets when running in Wayland compositor mode.
- Fixed a bug that could cause the display to freeze when presenting windows using Wayland direct scanout on multiple monitors.
- Fixed a bug that could cause kernel crashes upon attempting KMS operations through DRM when nvidia_drm was loaded with modeset=0.
References:
SRPMS 9/nonfree:
- nvidia-newfeature-560.35.03-2.mga9.nonfree
MGAA-2024-0236 - Updated mesa, rust-bindgen & meson packages fix bugs
Publication date: 07 Dec 2024
Type: bugfix
Affected Mageia releases : 9
Description:
- anv: Use-after-free detected by AddressSanitizer while running dEQP-VK
- Confidential issue #11770
- radv: DCC causes glitches in Red Dead Redemption 2
- A5xx rendering issues with firefox
- [ANV][Regression] Broken rendering in Flycast + Per-Pixel Alpha Sorting
- vtn: OpTypeStruct in kernel parameters trigger assertion in glsl_types.h
- radv: Resident Evil 6 Benchmark Tool has artifacts on 7900 XTX when DCC is enabled, game launched on 4K monitor without scaling and with FullHD settings
- [AMD RX 6700 XT] Artifacts while upscaling games in fullscreen mode
- Distorted pixelated graphics with Radeon RX 7900 XT with some games
- Total War Warhammer 2 Graphical Glitch
- Glitching artifacts in tile shaped patterns on 6700 XT, when using upscaled fullscreen game on labwc
References:
SRPMS 9/core:
- mesa-24.2.8-1.mga9
- rust-bindgen-0.69.4-1.mga9
- meson-1.4.2-1.mga9
- mesa-24.2.8-1.mga9.tainted
MGAA-2024-0235 - Updated nvidia-current packages fix bugs
Publication date: 06 Dec 2024
Type: bugfix
Affected Mageia releases : 9
Description:
- In Linux kernel 6.11, drm_fbdev_generic was renamed to drm_fbdev_ttm. Use drm_fbdev_ttm when present to keep supporting direct framebuffer access needed for Wayland compositors to present content on newer kernels.
- In linux-next commit 446d0f4849b1, output_poll_changed is removed from struct drm_mode_config_funcs. Do not implement the function pointer member when not present to ensure the driver can compile with newer kernels.
- The driver now supports enumerating modes on hotplug events through the DRM fbdev API.
- Updated the kernel module build process to use CONFIG_CC_VERSION_TEXT from the Linux kernel's Kconfig to detect the compiler used to build the kernel. This may help select the correct compiler on systems where the kernel was built with a compiler other than the default one.
- Fixed a bug that prevented kernel modules linked using precompiled kernel interface files from loading on recent Debian systems.
References:
SRPMS 9/nonfree:
- nvidia-current-550.135-1.mga9.nonfree
MGASA-2024-0389 - Updated kubernetes packages fix security vulnerabilities
Publication date: 06 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-3177, CVE-2024-10220
Description:
- A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. (CVE-2024-3177)
- The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes. (CVE-2024-10220)
References:
- https://bugs.mageia.org/show_bug.cgi?id=33143
- https://bugs.mageia.org/show_bug.cgi?id=33802
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL54MTLGMTBZZO5PYGEGEBERTMADC4WC/
- https://www.openwall.com/lists/oss-security/2024/11/20/1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3177
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10220
- kubernetes-1.27.16-2.mga9
MGASA-2024-0388 - Updated python-aiohttp packages fix security vulnerabilities
Publication date: 04 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-23334, CVE-2024-52304
Description
When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. (CVE-2024-23334)
The Python parser parses newlines in chunk extensions incorrectly which can lead to request smuggling vulnerabilities under certain conditions. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or `AIOHTTP_NO_EXTENSIONS` is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. (CVE-2024-52304)
References
- https://bugs.mageia.org/show_bug.cgi?id=33544
- https://ubuntu.com/security/notices/USN-6991-1
- https://lists.suse.com/pipermail/sle-security-updates/2024-November/019855.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23334
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52304
- python-aiohttp-3.8.3-3.2.mga9
MGASA-2024-0387 - Updated qemu packages fix security vulnerabilities
Publication date: 04 Dec 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-1544, CVE-2023-3019, CVE-2023-3255, CVE-2023-5088, CVE-2023-6683, CVE-2023-6693, CVE-2023-42467, CVE-2024-24474, CVE-2024-26327, CVE-2024-26328, CVE-2024-3446, CVE-2024-3447, CVE-2024-4467, CVE-2024-7409, CVE-2024-8354, CVE-2024-8612
Description
A flaw was found in the QEMU implementation of VMware's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU. (CVE-2023-1544)
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. (CVE-2023-3019)
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service. (CVE-2023-3255)
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot. (CVE-2023-5088)
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a malicious authenticated VNC client to crash QEMU and trigger a denial of service. (CVE-2023-6683)
A stack-based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. (CVE-2023-6693)
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately. (CVE-2023-42467)
QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in esp_do_nodma in hw/scsi/esp.c because of an underflow of async_len. (CVE-2024-24474)
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. (CVE-2024-26327)
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled. (CVE-2024-26328)
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host. (CVE-2024-3446)
A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. (CVE-2024-3447)
A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file. (CVE-2024-4467)
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. (CVE-2024-7409)
A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition. (CVE-2024-8354)
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to unmap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak. (CVE-2024-8612)
References
- https://bugs.mageia.org/show_bug.cgi?id=33074
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ES5DXAAMYUC767MUW4BPRP6ZPDL6SUW6/
- https://lists.suse.com/pipermail/sle-updates/2024-April/035064.html
- https://lwn.net/Articles/971720/
- https://lists.suse.com/pipermail/sle-updates/2024-August/036644.html
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/HL7L7OSCUZ44UAQCOB6IUOFBWKV6ECP2/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1544
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3019
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3255
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5088
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6683
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6693
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42467
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24474
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26327
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26328
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3446
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3447
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4467
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7409
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8354
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8612
- qemu-7.2.15-1.mga9